diff options
author | Brian Feldman <green@FreeBSD.org> | 2001-03-20 02:06:40 +0000 |
---|---|---|
committer | Brian Feldman <green@FreeBSD.org> | 2001-03-20 02:06:40 +0000 |
commit | e0fbb1d2de5da5201d80ec05cf2aee2d90e3f1b0 (patch) | |
tree | 6ee0582fe55db50a4ce6527a96062f3c29acdc40 /crypto/openssh/sshconnect1.c | |
parent | 4c96ae1554c33568dd598ae3f672dbae156ae237 (diff) | |
download | src-e0fbb1d2de5da5201d80ec05cf2aee2d90e3f1b0.tar.gz src-e0fbb1d2de5da5201d80ec05cf2aee2d90e3f1b0.zip |
Make password attacks based on traffic analysis harder by requiring that
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.
Obtained from: OpenBSD
Notes
Notes:
svn path=/head/; revision=74500
Diffstat (limited to 'crypto/openssh/sshconnect1.c')
-rw-r--r-- | crypto/openssh/sshconnect1.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index 4d7351ba58eb..2b2d5fc9dc57 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -640,7 +640,7 @@ try_skey_authentication() error("Permission denied, please try again."); response = read_passphrase("Response: ", 0); packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); - packet_put_string(response, strlen(response)); + ssh_put_password(response); memset(response, 0, strlen(response)); xfree(response); packet_send(); @@ -673,7 +673,7 @@ try_password_authentication(char *prompt) error("Permission denied, please try again."); password = read_passphrase(prompt, 0); packet_start(SSH_CMSG_AUTH_PASSWORD); - packet_put_string(password, strlen(password)); + ssh_put_password(password); memset(password, 0, strlen(password)); xfree(password); packet_send(); |