Index: protocols/sserver.cpp =================================================================== RCS file: /usr/local/cvs/cvsnt/protocols/sserver.c,v retrieving revision 1.16.2.44.4.2.2.12 diff -c -r1.16.2.44.4.2.2.12 sserver.cpp *** protocols/sserver.cpp 14 Feb 2020 02:37:21 -0000 1.16.2.44.4.2.2.12 --- protocols/sserver.cpp 13 Aug 2021 09:19:36 -0000 *************** *** 164,169 **** --- 164,170 ---- char server_version[128]; char tmp_keyname[256]; const char *begin_request = "BEGIN SSL AUTH REQUEST"; + char begin_request_sent[512]; const char *end_request = "END SSL AUTH REQUEST"; const char *username = NULL; const char *key = current_server()->current_root->optional_3; *************** *** 285,291 **** if(sserver_version == 0) /* Pre-CVSNT had no version check */ { ! if(tcp_printf("%s\n",begin_request)<0) return CVSPROTO_FAIL; for(;;) { --- 286,293 ---- if(sserver_version == 0) /* Pre-CVSNT had no version check */ { ! strcpy(begin_request_sent,"%s\n"); ! if(tcp_printf(begin_request_sent,begin_request)<0) return CVSPROTO_FAIL; for(;;) { *************** *** 393,399 **** } } ! #if OPENSSL_VERSION_NUMBER < 0x10002000L SSL_CIPHER *client_cipher = SSL_get_current_cipher(ssl); #else const SSL_CIPHER *client_cipher = SSL_get_current_cipher(ssl); --- 395,401 ---- } } ! #if OPENSSL_VERSION_NUMBER < 0x10001000L SSL_CIPHER *client_cipher = SSL_get_current_cipher(ssl); #else const SSL_CIPHER *client_cipher = SSL_get_current_cipher(ssl); *************** *** 415,432 **** if(sserver_version == 1) { ! if(sserver_printf("%s\n",begin_request)<0) return CVSPROTO_FAIL; } // For server versions 1.1+ send CLIENT_VERSION_STRING ! if(send_client_version && sserver_printf(SSERVER_CLIENT_VERSION_STRING)<0) return CVSPROTO_FAIL; ! if(sserver_printf("%s\n%s\n",current_server()->current_root->directory,username)<0) return CVSPROTO_FAIL; ! if(sserver_printf("%s\n",crypt_password)<0) return CVSPROTO_FAIL; ! if(sserver_printf("%s\n",end_request)<0) return CVSPROTO_FAIL; if (client_ciphers!=NULL) --- 417,439 ---- if(sserver_version == 1) { ! strcpy(begin_request_sent,"%s\n"); ! if(sserver_printf(begin_request_sent,begin_request)<0) return CVSPROTO_FAIL; } // For server versions 1.1+ send CLIENT_VERSION_STRING ! strcpy(begin_request_sent,"%s"); ! if(send_client_version && sserver_printf(begin_request_sent,SSERVER_CLIENT_VERSION_STRING)<0) return CVSPROTO_FAIL; ! strcpy(begin_request_sent,"%s\n%s\n"); ! if(sserver_printf(begin_request_sent,current_server()->current_root->directory,username)<0) return CVSPROTO_FAIL; ! strcpy(begin_request_sent,"%s\n"); ! if(sserver_printf(begin_request_sent,crypt_password)<0) return CVSPROTO_FAIL; ! strcpy(begin_request_sent,"%s\n"); ! if(sserver_printf(begin_request_sent,end_request)<0) return CVSPROTO_FAIL; if (client_ciphers!=NULL) *************** *** 496,501 **** --- 503,509 ---- char server_cipher_desc[1024]; char *client_version = NULL; unsigned long argp = 1; + size_t auth_prot_connect_res = 0; inauth = true; snprintf(certs,sizeof(certs),"%s/ca.pem",PATCH_NULL(current_server()->config_dir)); *************** *** 509,515 **** return CVSPROTO_NOTME; CServerIo::trace(99,"SSERVER:auth_protocol_connect() certs=\"%s\" auth_string=\"%s\"",certs,auth_string); ! write(current_server()->out_fd,SSERVER_INIT_STRING,sizeof(SSERVER_INIT_STRING)-1); #ifdef FIONBIO // force the socket back to blocking! --- 517,523 ---- return CVSPROTO_NOTME; CServerIo::trace(99,"SSERVER:auth_protocol_connect() certs=\"%s\" auth_string=\"%s\"",certs,auth_string); ! auth_prot_connect_res = write(current_server()->out_fd,SSERVER_INIT_STRING,sizeof(SSERVER_INIT_STRING)-1); #ifdef FIONBIO // force the socket back to blocking! *************** *** 678,684 **** X509 *cert = SSL_get_peer_certificate(ssl); CServerIo::trace(99,"SSERVER:auth_protocol_connect() -- SSL_get_current_cipher()"); ! #if OPENSSL_VERSION_NUMBER < 0x10002000L SSL_CIPHER *server_cipher = SSL_get_current_cipher(ssl); #else const SSL_CIPHER *server_cipher = SSL_get_current_cipher(ssl); --- 686,692 ---- X509 *cert = SSL_get_peer_certificate(ssl); CServerIo::trace(99,"SSERVER:auth_protocol_connect() -- SSL_get_current_cipher()"); ! #if OPENSSL_VERSION_NUMBER < 0x10001000L SSL_CIPHER *server_cipher = SSL_get_current_cipher(ssl); #else const SSL_CIPHER *server_cipher = SSL_get_current_cipher(ssl);