diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 02:25:15 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
commit | 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch) | |
tree | bc2c59d39a33aba84e0576039474668ada2546d2 /auth2-hostbased.c | |
parent | 931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff) |
upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Diffstat (limited to 'auth2-hostbased.c')
-rw-r--r-- | auth2-hostbased.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 92758b38..8112cfaa 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.31 2017/06/24 06:34:38 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.32 2017/12/18 02:25:15 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -144,7 +144,7 @@ userauth_hostbased(struct ssh *ssh) authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && PRIVSEP(sshkey_verify(key, sig, slen, - sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0) + sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) authenticated = 1; auth2_record_key(authctxt, authenticated, key); |