diff options
author | Damien Miller <djm@mindrot.org> | 2001-01-30 09:27:26 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-01-30 09:27:26 +1100 |
commit | 7650bc68420a227212ba0ff5cd4a0d133471b872 (patch) | |
tree | 55d8d15e4cdd7407b7086e9c3cf9597539c81071 /ssh-agent.c | |
parent | d83ff35d66e11978e0b821ecbfa07011ddcb8868 (diff) |
- (djm) OpenBSD CVS Sync:
- markus@cvs.openbsd.org 2001/01/29 12:47:32
[rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
handle rsa_private_decrypt failures; helps against the Bleichenbacher
pkcs#1 attack
Diffstat (limited to 'ssh-agent.c')
-rw-r--r-- | ssh-agent.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index 539f8ce7d..deed3ecae 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.48 2001/01/25 08:06:33 deraadt Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.49 2001/01/29 19:47:31 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: ssh-agent.c,v 1.48 2001/01/25 08:06:33 deraadt Exp $"); | 40 | RCSID("$OpenBSD: ssh-agent.c,v 1.49 2001/01/29 19:47:31 markus Exp $"); |
41 | 41 | ||
42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
43 | #include <openssl/md5.h> | 43 | #include <openssl/md5.h> |
@@ -198,7 +198,8 @@ process_authentication_challenge1(SocketEntry *e) | |||
198 | private = lookup_private_key(key, NULL, 1); | 198 | private = lookup_private_key(key, NULL, 1); |
199 | if (private != NULL) { | 199 | if (private != NULL) { |
200 | /* Decrypt the challenge using the private key. */ | 200 | /* Decrypt the challenge using the private key. */ |
201 | rsa_private_decrypt(challenge, challenge, private->rsa); | 201 | if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0) |
202 | goto failure; | ||
202 | 203 | ||
203 | /* The response is MD5 of decrypted challenge plus session id. */ | 204 | /* The response is MD5 of decrypted challenge plus session id. */ |
204 | len = BN_num_bytes(challenge); | 205 | len = BN_num_bytes(challenge); |