authorDamien Miller <djm@cvs.openbsd.org>2017-03-15 02:19:10 +0000
committerDamien Miller <djm@cvs.openbsd.org>2017-03-15 02:19:10 +0000
commit85aa8a89993129602c42aa709d428ef7025e6624 (patch)
tree7a8ff767f5a526285525d30d9534d70190f060aa /usr.bin
parent8ecac91bcb2247bd4b1447a937b563dfc40a8778 (diff)
Fix segfault when sshd attempts to load RSA1 keys (can only happen
when protocol v.1 support is enabled for the client). Reported by Jakub Jelen in bz#2686; ok dtucker
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/sshd.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index c6be5c41b91..2d764809b82 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.483 2017/02/24 03:16:34 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.484 2017/03/15 02:19:09 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1551,6 +1551,15 @@ main(int ac, char **av)
continue;
key = key_load_private(options.host_key_files[i], "", NULL);
pubkey = key_load_public(options.host_key_files[i], NULL);
+
+ if ((pubkey != NULL && pubkey->type == KEY_RSA1) ||
+ (key != NULL && key->type == KEY_RSA1)) {
+ verbose("Ignoring RSA1 key %s",
+ options.host_key_files[i])
+ key_free(key);
+ key_free(pubkey);
+ continue;
+ }
if (pubkey == NULL && key != NULL)
pubkey = key_demote(key);
sensitive_data.host_keys[i] = key;
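Review bot: The `verbose("Ignoring RSA1 key %s", options.host_key_files[i])` call in the added block has no terminating semicolon as shown on this page, so the `key_free(key);` that follows would not parse; the second line of the call should read `options.host_key_files[i]);`. The early `continue` also skips the assignment to `sensitive_data.host_keys[i]`, so later code that walks the host key array relies on the skipped slot already being NULL. The array's allocation is outside the hunk, so it is worth confirming that it is zero-initialised. A short comment above the check, such as `/* RSA1 host keys are not usable here; skip them instead of crashing later */`, would record why the key is dropped. main's body starts and ends outside the hunk.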