X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/170c1e6e0e1c81fb748e0ef8f291a5a92898a1e7..8f1612752a89ea821dbd63491aef858f7f7e5bef:/ssh.c

diff --git a/ssh.c b/ssh.c
index 16ceb013..33da9930 100644
--- a/ssh.c
+++ b/ssh.c
@@ -868,9 +868,12 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
     if (ssh->v1_compressing) {
 	unsigned char *decompblk;
 	int decomplen;
-	zlib_decompress_block(ssh->sc_comp_ctx,
-			      ssh->pktin.body - 1, ssh->pktin.length + 1,
-			      &decompblk, &decomplen);
+	if (!zlib_decompress_block(ssh->sc_comp_ctx,
+				   ssh->pktin.body - 1, ssh->pktin.length + 1,
+				   &decompblk, &decomplen)) {
+	    bombout(("Zlib decompression encountered invalid data"));
+	    crStop(0);
+	}
 
 	if (ssh->pktin.maxlen < st->pad + decomplen) {
 	    ssh->pktin.maxlen = st->pad + decomplen;
@@ -1777,7 +1780,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 	(ssh->cfg.sshbug_ignore1 == AUTO &&
 	 (!strcmp(imp, "1.2.18") || !strcmp(imp, "1.2.19") ||
 	  !strcmp(imp, "1.2.20") || !strcmp(imp, "1.2.21") ||
-	  !strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25")))) {
+	  !strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25") ||
+	  !strcmp(imp, "OSU_1.4alpha3")))) {
 	/*
 	 * These versions don't support SSH1_MSG_IGNORE, so we have
 	 * to use a different defence against password length
@@ -1789,7 +1793,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (ssh->cfg.sshbug_plainpw1 == FORCE_ON ||
 	(ssh->cfg.sshbug_plainpw1 == AUTO &&
-	 (!strcmp(imp, "Cisco-1.25")))) {
+	 (!strcmp(imp, "Cisco-1.25") || !strcmp(imp, "OSU_1.4alpha3")))) {
 	/*
 	 * These versions need a plain password sent; they can't
 	 * handle having a null and a random length of data after
@@ -2165,7 +2169,6 @@ static const char *connect_to_host(Ssh ssh, char *host, int port,
     ssh->fn = &fn_table;
     ssh->s = new_connection(addr, *realhost, port,
 			    0, 1, nodelay, (Plug) ssh, &ssh->cfg);
-    sk_addr_free(addr);
     if ((err = sk_socket_error(ssh->s)) != NULL) {
 	ssh->s = NULL;
 	return err;
@@ -2599,7 +2602,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
     /* Load the public half of ssh->cfg.keyfile so we notice if it's in Pageant */
     if (!filename_is_null(ssh->cfg.keyfile)) {
 	if (!rsakey_pubblob(&ssh->cfg.keyfile,
-			    &s->publickey_blob, &s->publickey_bloblen))
+			    &s->publickey_blob, &s->publickey_bloblen, NULL))
 	    s->publickey_blob = NULL;
     } else
 	s->publickey_blob = NULL;
@@ -2885,11 +2888,15 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 	    s->tried_publickey = 1;
 	    
 	    {
-		int ret = loadrsakey(&ssh->cfg.keyfile, &s->key, s->password);
+		const char *error = NULL;
+		int ret = loadrsakey(&ssh->cfg.keyfile, &s->key, s->password,
+				     &error);
 		if (ret == 0) {
 		    c_write_str(ssh, "Couldn't load private key from ");
 		    c_write_str(ssh, filename_to_str(&ssh->cfg.keyfile));
-		    c_write_str(ssh, ".\r\n");
+		    c_write_str(ssh, " (");
+		    c_write_str(ssh, error);
+		    c_write_str(ssh, ").\r\n");
 		    continue;	       /* go and try password */
 		}
 		if (ret == -1) {
@@ -4583,7 +4590,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 	    if (keytype == SSH_KEYTYPE_SSH2) {
 		s->publickey_blob =
 		    ssh2_userkey_loadpub(&ssh->cfg.keyfile, NULL,
-					 &s->publickey_bloblen);
+					 &s->publickey_bloblen, NULL);
 	    } else {
 		char *msgbuf;
 		logeventf(ssh, "Unable to use this key file (%s)",
@@ -4913,7 +4920,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		pub_blob =
 		    (unsigned char *)ssh2_userkey_loadpub(&ssh->cfg.keyfile,
 							  &algorithm,
-							  &pub_blob_len);
+							  &pub_blob_len,
+							  NULL);
 		if (pub_blob) {
 		    ssh2_pkt_init(ssh, SSH2_MSG_USERAUTH_REQUEST);
 		    ssh2_pkt_addstring(ssh, s->username);
@@ -5090,14 +5098,18 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		 * We have our passphrase. Now try the actual authentication.
 		 */
 		struct ssh2_userkey *key;
+		const char *error = NULL;
 
-		key = ssh2_load_userkey(&ssh->cfg.keyfile, s->password);
+		key = ssh2_load_userkey(&ssh->cfg.keyfile, s->password,
+					&error);
 		if (key == SSH2_WRONG_PASSPHRASE || key == NULL) {
 		    if (key == SSH2_WRONG_PASSPHRASE) {
 			c_write_str(ssh, "Wrong passphrase\r\n");
 			s->tried_pubkey_config = FALSE;
 		    } else {
-			c_write_str(ssh, "Unable to load private key\r\n");
+			c_write_str(ssh, "Unable to load private key (");
+			c_write_str(ssh, error);
+			c_write_str(ssh, ")\r\n");
 			s->tried_pubkey_config = TRUE;
 		    }
 		    /* Send a spurious AUTH_NONE to return to the top. */