diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-12-18 23:14:34 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-12-19 15:21:37 +1100 |
commit | 966ef478339ad5e631fb684d2a8effe846ce3fd4 (patch) | |
tree | 4f44ec1e3c32afb2be10d290f5b3298fef0c4df7 | |
parent | 349ecd4da3a985359694a74635748009be6baca6 (diff) |
upstream commit
log mismatched RSA signature types; ok markus@
OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418
-rw-r--r-- | ssh-rsa.c | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-rsa.c,v 1.63 2017/12/18 02:25:15 djm Exp $ */ | 1 | /* $OpenBSD: ssh-rsa.c,v 1.64 2017/12/18 23:14:34 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> |
4 | * | 4 | * |
@@ -33,6 +33,7 @@ | |||
33 | #define SSHKEY_INTERNAL | 33 | #define SSHKEY_INTERNAL |
34 | #include "sshkey.h" | 34 | #include "sshkey.h" |
35 | #include "digest.h" | 35 | #include "digest.h" |
36 | #include "log.h" | ||
36 | 37 | ||
37 | static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); | 38 | static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); |
38 | 39 | ||
@@ -223,6 +224,8 @@ ssh_rsa_verify(const struct sshkey *key, | |||
223 | /* XXX djm: need cert types that reliably yield SHA-2 signatures */ | 224 | /* XXX djm: need cert types that reliably yield SHA-2 signatures */ |
224 | if (alg != NULL && strcmp(alg, sigtype) != 0 && | 225 | if (alg != NULL && strcmp(alg, sigtype) != 0 && |
225 | strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) { | 226 | strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) { |
227 | error("%s: RSA signature type mismatch: " | ||
228 | "expected %s received %s", __func__, alg, sigtype); | ||
226 | ret = SSH_ERR_SIGNATURE_INVALID; | 229 | ret = SSH_ERR_SIGNATURE_INVALID; |
227 | goto out; | 230 | goto out; |
228 | } | 231 | } |