diff options
| author | Damien Miller <djm@mindrot.org> | 2009-02-14 16:33:31 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2009-02-14 16:33:31 +1100 |
| commit | 923e8bb7dc921b3136320f126976bfeee11c9e41 (patch) | |
| tree | b6ee668c45a15c12372e84fa912fe11df7267fe7 | |
| parent | 330d58587f05fd34f3b1d20a64d254ea0470a6cc (diff) | |
- djm@cvs.openbsd.org 2009/02/12 03:26:22
[monitor.c]
some paranoia: check that the serialised key is really KEY_RSA before
diddling its internals
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | monitor.c | 6 |
2 files changed, 9 insertions, 3 deletions
| @@ -14,6 +14,10 @@ | |||
| 14 | [serverloop.c] | 14 | [serverloop.c] |
| 15 | tighten check for -R0:... forwarding: only allow dynamic allocation | 15 | tighten check for -R0:... forwarding: only allow dynamic allocation |
| 16 | if want_reply is set in the packet | 16 | if want_reply is set in the packet |
| 17 | - djm@cvs.openbsd.org 2009/02/12 03:26:22 | ||
| 18 | [monitor.c] | ||
| 19 | some paranoia: check that the serialised key is really KEY_RSA before | ||
| 20 | diddling its internals | ||
| 17 | 21 | ||
| 18 | 20090212 | 22 | 20090212 |
| 19 | - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically | 23 | - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically |
| @@ -5140,5 +5144,5 @@ | |||
| 5140 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 5144 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
| 5141 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 5145 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
| 5142 | 5146 | ||
| 5143 | $Id: ChangeLog,v 1.5188 2009/02/14 05:33:09 djm Exp $ | 5147 | $Id: ChangeLog,v 1.5189 2009/02/14 05:33:31 djm Exp $ |
| 5144 | 5148 | ||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.100 2008/11/04 08:22:13 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -1500,7 +1500,9 @@ mm_answer_rsa_challenge(int sock, Buffer *m) | |||
| 1500 | fatal("%s: key type mismatch", __func__); | 1500 | fatal("%s: key type mismatch", __func__); |
| 1501 | if ((key = key_from_blob(blob, blen)) == NULL) | 1501 | if ((key = key_from_blob(blob, blen)) == NULL) |
| 1502 | fatal("%s: received bad key", __func__); | 1502 | fatal("%s: received bad key", __func__); |
| 1503 | 1503 | if (key->type != KEY_RSA) | |
| 1504 | fatal("%s: received bad key type %d", __func__, key->type); | ||
| 1505 | key->type = KEY_RSA1; | ||
| 1504 | if (ssh1_challenge) | 1506 | if (ssh1_challenge) |
| 1505 | BN_clear_free(ssh1_challenge); | 1507 | BN_clear_free(ssh1_challenge); |
| 1506 | ssh1_challenge = auth_rsa_generate_challenge(key); | 1508 | ssh1_challenge = auth_rsa_generate_challenge(key); |