summaryrefslogtreecommitdiff
path: root/dsa.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-06-22 21:32:31 +1000
committerDamien Miller <djm@mindrot.org>2000-06-22 21:32:31 +1000
commit6536c7d3c9d0e794c5c85d4f1746b958d7e04343 (patch)
tree9551d0d84924d6a206130fb575df5d90f1cc7a28 /dsa.c
parent099f505f9526311e48f828e95d90d488fe237219 (diff)
- OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/06/18 18:50:11 [auth2.c compat.c compat.h sshconnect2.c] make userauth+pubkey interop with ssh.com-2.2.0 - markus@cvs.openbsd.org 2000/06/18 20:56:17 [dsa.c] mem leak + be more paranoid in dsa_verify. - markus@cvs.openbsd.org 2000/06/18 21:29:50 [key.c] cleanup fingerprinting, less hardcoded sizes - markus@cvs.openbsd.org 2000/06/19 19:39:45 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] OpenBSD tag - markus@cvs.openbsd.org 2000/06/21 10:46:10 sshconnect2.c missing free; nuke old comment
Diffstat (limited to 'dsa.c')
-rw-r--r--dsa.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/dsa.c b/dsa.c
index 51d7ff285..c1c37bceb 100644
--- a/dsa.c
+++ b/dsa.c
@@ -28,7 +28,7 @@
28 */ 28 */
29 29
30#include "includes.h" 30#include "includes.h"
31RCSID("$Id: dsa.c,v 1.7 2000/05/08 17:42:24 markus Exp $"); 31RCSID("$OpenBSD: dsa.c,v 1.9 2000/06/20 01:39:41 markus Exp $");
32 32
33#include "ssh.h" 33#include "ssh.h"
34#include "xmalloc.h" 34#include "xmalloc.h"
@@ -72,7 +72,7 @@ dsa_key_from_blob(
72 buffer_append(&b, blob, blen); 72 buffer_append(&b, blob, blen);
73 ktype = buffer_get_string(&b, NULL); 73 ktype = buffer_get_string(&b, NULL);
74 if (strcmp(KEX_DSS, ktype) != 0) { 74 if (strcmp(KEX_DSS, ktype) != 0) {
75 error("dsa_key_from_blob: cannot handle type %s", ktype); 75 error("dsa_key_from_blob: cannot handle type %s", ktype);
76 key_free(key); 76 key_free(key);
77 return NULL; 77 return NULL;
78 } 78 }
@@ -197,7 +197,6 @@ dsa_verify(
197 DSA_SIG *sig; 197 DSA_SIG *sig;
198 EVP_MD *evp_md = EVP_sha1(); 198 EVP_MD *evp_md = EVP_sha1();
199 EVP_MD_CTX md; 199 EVP_MD_CTX md;
200 char *ktype;
201 unsigned char *sigblob; 200 unsigned char *sigblob;
202 char *txt; 201 char *txt;
203 unsigned int len; 202 unsigned int len;
@@ -227,14 +226,24 @@ dsa_verify(
227 len = signaturelen; 226 len = signaturelen;
228 } else { 227 } else {
229 /* ietf-drafts */ 228 /* ietf-drafts */
229 char *ktype;
230 buffer_init(&b); 230 buffer_init(&b);
231 buffer_append(&b, (char *) signature, signaturelen); 231 buffer_append(&b, (char *) signature, signaturelen);
232 ktype = buffer_get_string(&b, NULL); 232 ktype = buffer_get_string(&b, NULL);
233 if (strcmp(KEX_DSS, ktype) != 0) {
234 error("dsa_verify: cannot handle type %s", ktype);
235 buffer_free(&b);
236 return -1;
237 }
233 sigblob = (unsigned char *)buffer_get_string(&b, &len); 238 sigblob = (unsigned char *)buffer_get_string(&b, &len);
234 rlen = buffer_len(&b); 239 rlen = buffer_len(&b);
235 if(rlen != 0) 240 if(rlen != 0) {
236 error("remaining bytes in signature %d", rlen); 241 error("remaining bytes in signature %d", rlen);
242 buffer_free(&b);
243 return -1;
244 }
237 buffer_free(&b); 245 buffer_free(&b);
246 xfree(ktype);
238 } 247 }
239 248
240 if (len != SIGBLOB_LEN) { 249 if (len != SIGBLOB_LEN) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-08 10:21:44 +0000