diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 02:25:15 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
commit | 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch) | |
tree | bc2c59d39a33aba84e0576039474668ada2546d2 /auth2-pubkey.c | |
parent | 931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff) |
upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 169839b0..0707b8ab 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.71 2017/09/07 23:48:09 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.72 2017/12/18 02:25:15 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -198,7 +198,7 @@ userauth_pubkey(struct ssh *ssh) authenticated = 0; if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) && PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), - sshbuf_len(b), ssh->compat)) == 0) { + sshbuf_len(b), pkalg, ssh->compat)) == 0) { authenticated = 1; } sshbuf_free(b); |