upstream commit

log mismatched RSA signature types; ok markus@ OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418
author: djm@openbsd.org <djm@openbsd.org> 2017-12-18 23:14:34 +0000
committer: Damien Miller <djm@mindrot.org> 2017-12-19 15:21:37 +1100
commit: 966ef478339ad5e631fb684d2a8effe846ce3fd4 (patch)
tree: 4f44ec1e3c32afb2be10d290f5b3298fef0c4df7 /ssh-rsa.c
parent: 349ecd4da3a985359694a74635748009be6baca6 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 9b4de8e8d..592822ae4 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.63 2017/12/18 02:25:15 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.64 2017/12/18 23:14:34 djm Exp $ */
 /*
 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
 *
@@ -33,6 +33,7 @@
 #define SSHKEY_INTERNAL
 #include "sshkey.h"
 #include "digest.h"
+#include "log.h"
 static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *);
@@ -223,6 +224,8 @@ ssh_rsa_verify(const struct sshkey *key,
        /* XXX djm: need cert types that reliably yield SHA-2 signatures */
        if (alg != NULL && strcmp(alg, sigtype) != 0 &&
            strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) {
+                error("%s: RSA signature type mismatch: "
+                    "expected %s received %s", __func__, alg, sigtype);
                ret = SSH_ERR_SIGNATURE_INVALID;
                goto out;
        }
author	djm@openbsd.org <djm@openbsd.org>	2017-12-18 23:14:34 +0000
committer	Damien Miller <djm@mindrot.org>	2017-12-19 15:21:37 +1100
commit	966ef478339ad5e631fb684d2a8effe846ce3fd4 (patch)
tree	4f44ec1e3c32afb2be10d290f5b3298fef0c4df7 /ssh-rsa.c
parent	349ecd4da3a985359694a74635748009be6baca6 (diff)