authorMarkus Friedl <markus@cvs.openbsd.org>2002-02-03 17:59:24 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2002-02-03 17:59:24 +0000
commit89cec8272ce4431e2ad45df5cd51fe752ad05ee3 (patch)
treec29d470959f6707e41f6033751b16987e02414ac /usr.bin/ssh
parent7706879388ada22b394105043b4af9b902f58577 (diff)
more cross checking of announced vs. used key type; ok stevesk@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/sshconnect2.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index e4e20cad2d3..ea8cfa6da27 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.94 2002/01/25 21:00:24 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.95 2002/02/03 17:59:23 markus Exp $");
#include "ssh.h"
#include "ssh2.h"
@@ -353,7 +353,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
Authctxt *authctxt = ctxt;
Key *key = NULL;
Buffer b;
- int alen, blen, sent = 0;
+ int pktype, alen, blen, sent = 0;
char *pkalg, *pkblob, *fp;
if (authctxt == NULL)
@@ -381,7 +381,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
debug("no last key or no sign cb");
break;
}
- if (key_type_from_name(pkalg) == KEY_UNSPEC) {
+ if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) {
debug("unknown pkalg %s", pkalg);
break;
}
@@ -389,6 +389,12 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
debug("no key from blob. pkalg %s", pkalg);
break;
}
+ if (key->type != pktype) {
+ error("input_userauth_pk_ok: type mismatch "
+ "for decoded key (received %d, expected %d)",
+ key->type, pktype);
+ break;
+ }
fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
debug2("input_userauth_pk_ok: fp %s", fp);
xfree(fp);
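Review bot: The error message in the added `key->type != pktype` check labels its values "received" and "expected", yet `key->type` is the type decoded from the blob and `pktype` is the type named by `pkalg`, and both presumably come from the same server packet (the parsing is outside the hunk), so neither is a value the client expected. Naming the two sources and including the algorithm string makes the log line usable for triage without looking up enum values: `"for decoded key (blob type %d, announced %s = %d)", key->type, pkalg, pktype);`. This check only shows that the message is self-consistent; whether the key matches the one the client offered has to be decided by a comparison further down in input_userauth_pk_ok, whose body continues past the hunk. The new `break` leaves the loop with `key` still allocated, so the cleanup after the loop (not visible here) should be confirmed to free it.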