Date: Wed, 21 Aug 2002 21:40:05 -0700 (PDT)
From: "Andrew L. Neporada" <andr@dgap.mipt.ru>
To: freebsd-bugs@FreeBSD.org
Subject: Re: bin/40266 telnet SRA sometimes fails at authentificating
Message-ID: <200208220440.g7M4e5jv083347@freefall.freebsd.org>
The following reply was made to PR bin/40266; it has been noted by GNATS.
From: "Andrew L. Neporada" <andr@dgap.mipt.ru>
To: bug-followup@freebsd.org
Cc:
Subject: Re: bin/40266 telnet SRA sometimes fails at authentificating
Date: Thu, 22 Aug 2002 08:35:42 +0400
It took me some time to find out why our telnetd rejects the right password
with probability (1 - 1/256)^(strlen(login) + strlen(password)) ;-)
The fix is quite simple, though:
Index: crypto/telnet/libtelnet/pk.c
===================================================================
RCS file: /home/ncvs/src/crypto/telnet/libtelnet/pk.c,v
retrieving revision 1.9
diff -u -r1.9 pk.c
--- crypto/telnet/libtelnet/pk.c 30 Nov 2001 21:06:34 -0000 1.9
+++ crypto/telnet/libtelnet/pk.c 22 Aug 2002 02:59:23 -0000
@@ -251,7 +251,7 @@
for (l=0,op=0;l<strlen(in)/2;l++,op+=2) {
if(in[op] == '0' && in[op+1] == '0') {
buf[l] = '\0';
- break;
+ continue;
}
if (in[op] > '9')
n1 = in[op] - 'A' + 10;
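Review bot: In the '00' branch, once "break" becomes "continue" the branch only stores a zero byte and moves on, so it needs a comment saying why it is still there: a "00" pair is a legitimate zero byte inside the encoded data, not an end marker. If the conversion that follows in the loop already yields 0 for "00", the branch can be dropped altogether. Two smaller points in the same lines: the loop condition re-evaluates strlen(in) on every pass and nothing visible here bounds l by the size of buf, and "in[op] - 'A' + 10" assumes upper-case hex digits, so lower-case or non-hex input is silently mis-decoded.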
P.S. The attached test program will help you to observe the bug. Save it in /tmp,
then run the following commands:
cd /tmp
cp /usr/src/crypto/telnet/libtelnet/pk.c .
cp /usr/src/crypto/telnet/libtelnet/pk.h .
cc -c pk.c
cc -c test_pk.c
cc -o tpk test_pk.o pk.o -lmp -lcrypto
./tpk
....
----- begin test_pk.c -----
#include <stdio.h>
#include <stdlib.h>	/* malloc() */
#include <string.h>
#include "pk.h"

int
main(void)
{
    char *user, *xuser, *pass, *xpass;
    char pka[HEXKEYBYTES + 1], ska[HEXKEYBYTES + 1];
    char pkb[HEXKEYBYTES + 1], skb[HEXKEYBYTES + 1];
    DesData cl_ck, ser_ck;
    IdeaData cl_ik, ser_ik;
    int i;

    user = (char *)malloc(256);
    pass = (char *)malloc(256);
    xuser = (char *)malloc(513);
    xpass = (char *)malloc(513);
    if (user == NULL || pass == NULL || xuser == NULL || xpass == NULL) {
        fprintf(stderr, "malloc failed\n");
        return (1);
    }

    /* Each pass uses fresh key pairs, so the ciphertext differs every time. */
    for (i = 0; i < 1000; i++) {
        genkeys(pka, ska);
        genkeys(pkb, skb);
        /* Client and server derive the shared session key independently. */
        common_key(ska, pkb, &cl_ik, &cl_ck);
        common_key(skb, pka, &ser_ik, &ser_ck);

        memset(user, 0, 256);
        memset(pass, 0, 256);
        memset(xuser, 0, 513);
        memset(xpass, 0, 513);
        strcpy(user, "test1234");
        strcpy(pass, "qwerty12");

        printf("Encrypting...\n");
        pk_encode(user, xuser, &cl_ck);
        pk_encode(pass, xpass, &cl_ck);
        printf("%s -> %s\n", user, xuser);
        printf("%s -> %s\n", pass, xpass);

        printf("Decrypting...\n");
        memset(user, 0, 256);
        memset(pass, 0, 256);
        pk_decode(xuser, user, &ser_ck);
        pk_decode(xpass, pass, &ser_ck);
        printf("%s -> %s\n", xuser, user);
        printf("%s -> %s\n", xpass, pass);

        /* Stop at the first round trip that does not restore the input. */
        if (strcmp("test1234", user) || strcmp("qwerty12", pass)) {
            printf("bang!\n");
            break;
        }
    }
    return (0);
}
----- end test_pk.c -----
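The truncation can also be reproduced without libtelnet. The following is an added example, not part of the original message or of FreeBSD's pk.c: the hypothetical hex_decode() models the pre-patch "break" and the patched "continue", and a one-byte XOR key is a toy stand-in for the DES session key. All function names and the input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* One upper-case hex digit to its value, same arithmetic as the patched loop. */
static int nib(char c) { return c > '9' ? c - 'A' + 10 : c - '0'; }

/* Hex-decode `in` into `buf`. stop_at_zero=1 models the pre-patch `break`,
 * stop_at_zero=0 the patched `continue`. Returns the bytes processed. */
static size_t hex_decode(const char *in, unsigned char *buf, int stop_at_zero)
{
    size_t l, n = strlen(in) / 2;
    for (l = 0; l < n; l++) {
        buf[l] = (unsigned char)(nib(in[2 * l]) * 16 + nib(in[2 * l + 1]));
        if (buf[l] == 0 && stop_at_zero) return l + 1; /* rest is dropped */
    }
    return n;
}

/* Encrypt msg with a one-byte XOR key (toy cipher, NOT DES), hex-encode,
 * decode, decrypt. Returns 1 if the round trip restores msg. */
static int round_trip_ok(const char *msg, unsigned char key, int stop_at_zero)
{
    char hex[2 * 64 + 1] = "";
    unsigned char buf[64] = {0};
    size_t i, n = strlen(msg);

    if (n >= sizeof(buf)) return 0;
    for (i = 0; i < n; i++)
        snprintf(hex + 2 * i, 3, "%02X", (unsigned char)msg[i] ^ key);
    hex_decode(hex, buf, stop_at_zero);
    for (i = 0; i < n; i++)
        if ((buf[i] ^ key) != (unsigned char)msg[i]) return 0;
    return 1;
}

/* Number of keys in 0..255 for which the round trip fails. */
static int count_failures(const char *msg, int stop_at_zero)
{
    int k, bad = 0;
    for (k = 0; k < 256; k++)
        bad += !round_trip_ok(msg, (unsigned char)k, stop_at_zero);
    return bad;
}

int main(void)
{
    printf("failures pre-patch: %d, patched: %d\n",
           count_failures("test1234", 1), count_failures("test1234", 0));
    return 0;
}
```

In this toy model a key only breaks the round trip when it turns some byte other than the last one into zero, because a zero in the final position truncates nothing.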
