OpenSSH 6.6.x sends invalid SSH_MSG_USERAUTH_INFO_REQUEST

Darren Tucker dtucker at zip.com.au
Tue Apr 7 15:36:28 AEST 2015


On Tue, Apr 7, 2015 at 3:08 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:

> Darren Tucker <dtucker at zip.com.au> writes:
> [...]
> My code checks for sane values in the fields in the packet, so it rejects it
> as malformed before it gets to the interesting philosophical issue of how to
> send a response to a request for zero responses.


IMO it's not malformed, see below.

> >If it was just the prompt part of the packet, what's in the name and
> >instruction fields?
>
> Nothing.  All fields are empty,


That's explicitly allowed by RFC4256.  In addition to allowing zero
prompts, section 3.2 also says:

 "The language tag is deprecated and SHOULD be the empty string."

and

  "The name and instruction fields MAY be empty strings; the client MUST
   be prepared to handle this correctly.  The prompt field(s) MUST NOT
   be empty strings."


> >Zero prompts is specifically allowed by RFC4256 section 3.2:
>
[...]

> Sure, but since they're also empty there's nothing to display.  So it's really
> a case of "what do you do in response to a request for zero responses?".


Do what it says in RFC4256 section 3.4?

   "In the case that the server sends a `0' num-prompts field in the
   request message, the client MUST send a response message with a `0'
   num-responses field to complete the exchange."

> I'm not sure if promulgating koans was a goal of OpenSSH.


I'd like to think one of the goals was implementing the RFCs :-)

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
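
The field rules quoted from RFC 4256 sections 3.2 and 3.4 in the message above, as an added example that is not part of the original thread and is not OpenSSH code: a strict client-side parser that accepts empty name, instruction and language fields and zero prompts, rejects empty prompt strings, and builds the matching response. The function names, the `MAX_PROMPTS` cap and the sample packet are assumptions made for illustration.

```python
import struct

SSH_MSG_USERAUTH_INFO_REQUEST = 60   # RFC 4256 section 3.2
SSH_MSG_USERAUTH_INFO_RESPONSE = 61  # RFC 4256 section 3.4
MAX_PROMPTS = 64  # local sanity cap; an assumption, not from the RFC

class MalformedPacket(ValueError):
    """Request violates the framing or the field rules."""

def _take(buf, off, n):
    # Bounds-checked slice: never read past the end of the payload.
    if off + n > len(buf):
        raise MalformedPacket("truncated packet")
    return buf[off:off + n], off + n

def _u32(buf, off):
    raw, off = _take(buf, off, 4)
    return struct.unpack(">I", raw)[0], off

def _string(buf, off):
    length, off = _u32(buf, off)
    return _take(buf, off, length)

def ssh_string(data=b""):
    return struct.pack(">I", len(data)) + data

def parse_info_request(payload):  # -> (name, instruction, [(prompt, echo)])
    msg, off = _take(payload, 0, 1)
    if msg[0] != SSH_MSG_USERAUTH_INFO_REQUEST:
        raise MalformedPacket("unexpected message type")
    name, off = _string(payload, off)         # MAY be empty
    instruction, off = _string(payload, off)  # MAY be empty
    _lang, off = _string(payload, off)        # deprecated, SHOULD be empty
    count, off = _u32(payload, off)           # zero prompts is valid
    if count > MAX_PROMPTS:
        raise MalformedPacket("too many prompts")
    prompts = []
    for _ in range(count):
        text, off = _string(payload, off)
        if not text:                          # prompts MUST NOT be empty
            raise MalformedPacket("empty prompt")
        echo, off = _take(payload, off, 1)
        prompts.append((text, echo[0] != 0))
    if off != len(payload):
        raise MalformedPacket("trailing bytes")
    return name, instruction, prompts

def build_info_response(responses):
    # With an empty list this is the mandatory 0 num-responses reply.
    head = bytes([SSH_MSG_USERAUTH_INFO_RESPONSE]) + struct.pack(">I", len(responses))
    return head + b"".join(map(ssh_string, responses))

# Constructed sample: the all-empty, zero-prompt request discussed in the thread.
EMPTY_REQUEST = bytes([60]) + ssh_string() * 3 + struct.pack(">I", 0)
```
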


More information about the openssh-unix-dev mailing list