summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2001-11-12 11:03:16 +1100
committerDamien Miller <djm@mindrot.org>2001-11-12 11:03:16 +1100
commit9af8c3c226b591f6cbb93eefcf2d56c9ddb3a682 (patch)
tree911b395b1df0118910491d61fb74893f7e93d3f6
parent9f64390f414b1148822ce11c9493b9cdd9bf7b7a (diff)
- markus@cvs.openbsd.org 2001/11/07 21:40:21
[ssh-rsa.c] ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--ssh-rsa.c10
2 files changed, 13 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 986c872e6..61255b37c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,9 @@
27 [packet.c packet.h sshconnect2.c] 27 [packet.c packet.h sshconnect2.c]
28 pad using the padding field from the ssh2 packet instead of sending 28 pad using the padding field from the ssh2 packet instead of sending
29 extra ignore messages. tested against several other ssh servers. 29 extra ignore messages. tested against several other ssh servers.
30 - markus@cvs.openbsd.org 2001/11/07 21:40:21
31 [ssh-rsa.c]
32 ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
30 33
3120011109 3420011109
32 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) 35 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
@@ -6836,4 +6839,4 @@
6836 - Wrote replacements for strlcpy and mkdtemp 6839 - Wrote replacements for strlcpy and mkdtemp
6837 - Released 1.0pre1 6840 - Released 1.0pre1
6838 6841
6839$Id: ChangeLog,v 1.1642 2001/11/12 00:02:52 djm Exp $ 6842$Id: ChangeLog,v 1.1643 2001/11/12 00:03:16 djm Exp $
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 15ce5e977..27a6c5a53 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: ssh-rsa.c,v 1.10 2001/09/17 19:27:15 stevesk Exp $"); 26RCSID("$OpenBSD: ssh-rsa.c,v 1.11 2001/11/07 21:40:21 markus Exp $");
27 27
28#include <openssl/evp.h> 28#include <openssl/evp.h>
29#include <openssl/err.h> 29#include <openssl/err.h>
@@ -54,6 +54,10 @@ ssh_rsa_sign(
54 error("ssh_rsa_sign: no RSA key"); 54 error("ssh_rsa_sign: no RSA key");
55 return -1; 55 return -1;
56 } 56 }
57 if (datafellows & SSH_BUG_SIGBLOB) {
58 error("ssh_rsa_sign: SSH_BUG_SIGBLOB not supported");
59 return -1;
60 }
57 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; 61 nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
58 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { 62 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
59 error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); 63 error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid);
@@ -124,6 +128,10 @@ ssh_rsa_verify(
124 error("ssh_rsa_verify: no RSA key"); 128 error("ssh_rsa_verify: no RSA key");
125 return -1; 129 return -1;
126 } 130 }
131 if (datafellows & SSH_BUG_SIGBLOB) {
132 error("ssh_rsa_verify: SSH_BUG_SIGBLOB not supported");
133 return -1;
134 }
127 if (BN_num_bits(key->rsa->n) < 768) { 135 if (BN_num_bits(key->rsa->n) < 768) {
128 error("ssh_rsa_verify: n too small: %d bits", 136 error("ssh_rsa_verify: n too small: %d bits",
129 BN_num_bits(key->rsa->n)); 137 BN_num_bits(key->rsa->n));
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 15:20:58 +0000