Skip to content
Snippets Groups Projects
Commit e9b4ccbf authored by deuce's avatar deuce
Browse files

Add patch to allow connecting to OpenSSH implementations. By default,

TERM is set to "syncterm", this is a global Program Setting, so the best
thing to do is use the SyncTERM termcap or terminfo entry.

Otherwise, you'll need to select a working TERM value from what's available
on the remote system after logging in.
parent c90a93d1
No related branches found
No related tags found
No related merge requests found
...@@ -65,7 +65,7 @@ $(CRYPT_SRC): | $(3RDPSRCDIR) ...@@ -65,7 +65,7 @@ $(CRYPT_SRC): | $(3RDPSRCDIR)
$(CRYPT_IDIR): | $(3RDPODIR) $(CRYPT_IDIR): | $(3RDPODIR)
$(QUIET)$(IFNOTEXIST) mkdir $(CRYPT_IDIR) $(QUIET)$(IFNOTEXIST) mkdir $(CRYPT_IDIR)
$(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)build/SSL-fix.patch $(3RDP_ROOT)$(DIRSEP)build/random_exit.patch $(3RDP_ROOT)$(DIRSEP)build/Dynamic-linked-static-lib.patch $(3RDP_ROOT)$(DIRSEP)build/terminal-params.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw32-static.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ranlib.patch $(3RDP_ROOT)$(DIRSEP)build/cl-tls-psk-userfix.patch | $(CRYPT_SRC) $(CRYPT_IDIR) $(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)build/SSL-fix.patch $(3RDP_ROOT)$(DIRSEP)build/random_exit.patch $(3RDP_ROOT)$(DIRSEP)build/Dynamic-linked-static-lib.patch $(3RDP_ROOT)$(DIRSEP)build/terminal-params.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw32-static.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ranlib.patch $(3RDP_ROOT)$(DIRSEP)build/cl-tls-psk-userfix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-PAM-noprompts.patch | $(CRYPT_SRC) $(CRYPT_IDIR)
@echo Creating $@ ... @echo Creating $@ ...
$(QUIET)-rm -rf $(CRYPT_SRC)/* $(QUIET)-rm -rf $(CRYPT_SRC)/*
$(QUIET)unzip -oa $(3RDPDISTDIR)$(DIRSEP)cryptlib.zip -d $(CRYPT_SRC) $(QUIET)unzip -oa $(3RDPDISTDIR)$(DIRSEP)cryptlib.zip -d $(CRYPT_SRC)
...@@ -78,6 +78,7 @@ $(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)b ...@@ -78,6 +78,7 @@ $(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)b
$(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-ranlib.patch $(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-ranlib.patch
$(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-tls-psk-userfix.patch $(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-tls-psk-userfix.patch
$(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-vcxproj.patch $(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-vcxproj.patch
$(QUIET)patch -p0 -d $(CRYPT_SRC) < cl-PAM-noprompts.patch
ifeq ($(CC),mingw32-gcc) ifeq ($(CC),mingw32-gcc)
$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make directories $(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make directories
$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make toolscripts $(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make toolscripts
......
--- ../cl/session/ssh2_authc.c 2012-09-10 22:40:52.000000000 -0700
+++ session/ssh2_authc.c 2015-03-20 21:23:03.000000000 -0700
@@ -529,7 +529,7 @@
if( !cryptStatusError( status ) )
{
status = CRYPT_OK; /* readUint32() returns a count value */
- if( noPrompts <= 0 || noPrompts > 4 )
+ if( noPrompts < 0 || noPrompts > 4 )
{
/* Requesting zero or more than a small number of prompts is
suspicious */
@@ -537,37 +537,39 @@
}
}
}
- if( cryptStatusOK( status ) )
- status = readString32( &stream, promptBuffer,
- CRYPT_MAX_TEXTSIZE, &promptLength );
- sMemDisconnect( &stream );
- if( cryptStatusError( status ) )
- {
- retExt( status,
- ( status, SESSION_ERRINFO,
- "Invalid PAM authentication request packet" ) );
- }
+ if ( noPrompts > 0 ) {
+ if( cryptStatusOK( status ) )
+ status = readString32( &stream, promptBuffer,
+ CRYPT_MAX_TEXTSIZE, &promptLength );
+ sMemDisconnect( &stream );
+ if( cryptStatusError( status ) )
+ {
+ retExt( status,
+ ( status, SESSION_ERRINFO,
+ "Invalid PAM authentication request packet" ) );
+ }
- /* Make sure that we're being asked for some form of password
- authentication. This assumes that the prompt string begins with the
- word "password" (which always seems to be the case), if it isn't then
- it may be necessary to do a substring search */
- if( promptLength < 8 || strCompare( promptBuffer, "Password", 8 ) )
- {
+ /* Make sure that we're being asked for some form of password
+ authentication. This assumes that the prompt string begins with the
+ word "password" (which always seems to be the case), if it isn't then
+ it may be necessary to do a substring search */
+ if( promptLength < 8 || strCompare( promptBuffer, "Password", 8 ) )
+ {
/* The following may produce somewhat inconsistent results in terms
of what it reports because it's unclear what 'name' actually is,
on the off chance that something fills this in it could produce
a less appropriate error message than the prompt, but we
opportunistically try it in case it contains something useful */
- retExt( CRYPT_ERROR_BADDATA,
- ( CRYPT_ERROR_BADDATA, SESSION_ERRINFO,
- "Server requested unknown PAM authentication type '%s'",
- ( nameLength > 0 ) ? \
- sanitiseString( nameBuffer, CRYPT_MAX_TEXTSIZE, \
- nameLength ) : \
- sanitiseString( promptBuffer, CRYPT_MAX_TEXTSIZE, \
- promptLength ) ) );
- }
+ retExt( CRYPT_ERROR_BADDATA,
+ ( CRYPT_ERROR_BADDATA, SESSION_ERRINFO,
+ "Server requested unknown PAM authentication type '%s'",
+ ( nameLength > 0 ) ? \
+ sanitiseString( nameBuffer, CRYPT_MAX_TEXTSIZE, \
+ nameLength ) : \
+ sanitiseString( promptBuffer, CRYPT_MAX_TEXTSIZE, \
+ promptLength ) ) );
+ }
+ }
REQUIRES( passwordPtr != NULL && \
passwordPtr->valueLength > 0 && \
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment