diff options
| author | Damien Miller <djm@mindrot.org> | 1999-11-09 10:35:52 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 1999-11-09 10:35:52 +1100 |
| commit | da217a02796934a87ace9e0859ab4af8be1893ce (patch) | |
| tree | a5f3eab4e630a01283d54de6aebf2dbaf2d8df5a /sshconnect.c | |
| parent | c7b38ceed6030484c61c71ea9fafaca6b34a297e (diff) | |
- Merged OpenBSD CVS changes:
- [rsa.c] bugfix: use correct size for memset()
- [sshconnect.c] warn if announced size of modulus 'n' != real size
Diffstat (limited to 'sshconnect.c')
| -rw-r--r-- | sshconnect.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/sshconnect.c b/sshconnect.c index a6f3788f..a16e25a8 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -16,7 +16,7 @@ login (authentication) dialog. #include "config.h" #include "includes.h" -RCSID("$Id: sshconnect.c,v 1.4 1999/11/08 05:15:55 damien Exp $"); +RCSID("$Id: sshconnect.c,v 1.5 1999/11/08 23:35:52 damien Exp $"); #ifdef HAVE_OPENSSL #include <openssl/bn.h> @@ -1022,6 +1022,7 @@ void ssh_login(int host_key_valid, BIGNUM *key; RSA *host_key, *file_key; RSA *public_key; + int bits, rbits; unsigned char session_key[SSH_SESSION_KEY_LENGTH]; const char *server_user, *local_user; char *cp, *host, *ip = NULL; @@ -1068,7 +1069,7 @@ void ssh_login(int host_key_valid, /* Get the public key. */ public_key = RSA_new(); - packet_get_int(); /* bits */ + bits = packet_get_int(); /* bits */ public_key->e = BN_new(); packet_get_bignum(public_key->e, &clen); sum_len += clen; @@ -1076,9 +1077,16 @@ void ssh_login(int host_key_valid, packet_get_bignum(public_key->n, &clen); sum_len += clen; + rbits = BN_num_bits(public_key->n); + if (bits != rbits) { + log("Warning: Server lies about size of server public key,"); + log("Warning: this may be due to an old implementation of ssh."); + log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits); + } + /* Get the host key. */ host_key = RSA_new(); - packet_get_int(); /* bits */ + bits = packet_get_int(); /* bits */ host_key->e = BN_new(); packet_get_bignum(host_key->e, &clen); sum_len += clen; @@ -1086,6 +1094,13 @@ void ssh_login(int host_key_valid, packet_get_bignum(host_key->n, &clen); sum_len += clen; + rbits = BN_num_bits(host_key->n); + if (bits != rbits) { + log("Warning: Server lies about size of server host key,"); + log("Warning: this may be due to an old implementation of ssh."); + log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits); + } + /* Store the host key from the known host file in here * so that we can compare it with the key for the IP * address. */ |