diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 02:25:15 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
commit | 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch) | |
tree | bc2c59d39a33aba84e0576039474668ada2546d2 /monitor.c | |
parent | 931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff) |
upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.175 2017/10/05 15:52:03 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -1339,12 +1339,14 @@ mm_answer_keyverify(int sock, struct sshbuf *m) { struct sshkey *key; u_char *signature, *data, *blob; + char *sigalg; size_t signaturelen, datalen, bloblen; int r, ret, valid_data = 0, encoded_ret; if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || - (r = sshbuf_get_string(m, &data, &datalen)) != 0) + (r = sshbuf_get_string(m, &data, &datalen)) != 0 || + (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (hostbased_cuser == NULL || hostbased_chost == NULL || @@ -1373,7 +1375,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m) fatal("%s: bad signature data blob", __func__); ret = sshkey_verify(key, signature, signaturelen, data, datalen, - active_state->compat); + sigalg, active_state->compat); debug3("%s: %s %p signature %s", __func__, auth_method, key, (ret == 0) ? "verified" : "unverified"); auth2_record_key(authctxt, ret == 0, key); |