- djm@cvs.openbsd.org 2009/02/12 03:26:22
[monitor.c] some paranoia: check that the serialised key is really KEY_RSA before diddling its internals
This commit is contained in:
parent
330d58587f
commit
923e8bb7dc
|
@ -14,6 +14,10 @@
|
|||
[serverloop.c]
|
||||
tighten check for -R0:... forwarding: only allow dynamic allocation
|
||||
if want_reply is set in the packet
|
||||
- djm@cvs.openbsd.org 2009/02/12 03:26:22
|
||||
[monitor.c]
|
||||
some paranoia: check that the serialised key is really KEY_RSA before
|
||||
diddling its internals
|
||||
|
||||
20090212
|
||||
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
|
||||
|
@ -5140,5 +5144,5 @@
|
|||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||
|
||||
$Id: ChangeLog,v 1.5188 2009/02/14 05:33:09 djm Exp $
|
||||
$Id: ChangeLog,v 1.5189 2009/02/14 05:33:31 djm Exp $
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: monitor.c,v 1.100 2008/11/04 08:22:13 djm Exp $ */
|
||||
/* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||
|
@ -1500,7 +1500,9 @@ mm_answer_rsa_challenge(int sock, Buffer *m)
|
|||
fatal("%s: key type mismatch", __func__);
|
||||
if ((key = key_from_blob(blob, blen)) == NULL)
|
||||
fatal("%s: received bad key", __func__);
|
||||
|
||||
if (key->type != KEY_RSA)
|
||||
fatal("%s: received bad key type %d", __func__, key->type);
|
||||
key->type = KEY_RSA1;
|
||||
if (ssh1_challenge)
|
||||
BN_clear_free(ssh1_challenge);
|
||||
ssh1_challenge = auth_rsa_generate_challenge(key);
|
||||
|
|
Loading…
Reference in New Issue