author | Damien Miller <djm@mindrot.org> | 1999-11-09 10:35:52 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-09 10:35:52 +1100 |
commit | da217a02796934a87ace9e0859ab4af8be1893ce (patch) | |
tree | a5f3eab4e630a01283d54de6aebf2dbaf2d8df5a /sshconnect.c | |
parent | c7b38ceed6030484c61c71ea9fafaca6b34a297e (diff) |
- Merged OpenBSD CVS changes:
- [rsa.c] bugfix: use correct size for memset()
- [sshconnect.c] warn if announced size of modulus 'n' != real size
Diffstat (limited to 'sshconnect.c')
-rw-r--r-- | sshconnect.c | 21 |
1 files changed, 18 insertions, 3 deletions
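--- a/sshconnect.c
+++ b/sshconnect.c
@@ -16,7 +16,7 @@ login (authentication) dialog.
 
 #include "config.h"
 #include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.4 1999/11/08 05:15:55 damien Exp $");
+RCSID("$Id: sshconnect.c,v 1.5 1999/11/08 23:35:52 damien Exp $");
 
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
@@ -1022,6 +1022,7 @@ void ssh_login(int host_key_valid,
 BIGNUM *key;
 RSA *host_key, *file_key;
 RSA *public_key;
+int bits, rbits;
 unsigned char session_key[SSH_SESSION_KEY_LENGTH];
 const char *server_user, *local_user;
 char *cp, *host, *ip = NULL;
@@ -1068,7 +1069,7 @@ void ssh_login(int host_key_valid,
 
 /* Get the public key. */
 public_key = RSA_new();
-packet_get_int(); /* bits */
+bits = packet_get_int(); /* bits */
 public_key->e = BN_new();
 packet_get_bignum(public_key->e, &clen);
 sum_len += clen;
@@ -1076,9 +1077,16 @@ void ssh_login(int host_key_valid,
 packet_get_bignum(public_key->n, &clen);
 sum_len += clen;
 
+rbits = BN_num_bits(public_key->n);
+if (bits != rbits) {
+log("Warning: Server lies about size of server public key,");
+log("Warning: this may be due to an old implementation of ssh.");
+log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+}
+
 /* Get the host key. */
 host_key = RSA_new();
-packet_get_int(); /* bits */
+bits = packet_get_int(); /* bits */
 host_key->e = BN_new();
 packet_get_bignum(host_key->e, &clen);
 sum_len += clen;
@@ -1086,6 +1094,13 @@ void ssh_login(int host_key_valid,
 packet_get_bignum(host_key->n, &clen);
 sum_len += clen;
 
+rbits = BN_num_bits(host_key->n);
+if (bits != rbits) {
+log("Warning: Server lies about size of server host key,");
+log("Warning: this may be due to an old implementation of ssh.");
+log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+}
+
 /* Store the host key from the known host file in here
 * so that we can compare it with the key for the IP
 * address. */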
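Review bot: The size check added after each modulus is read (new lines 1080-1085 for the server key, 1097-1102 for the host key) only logs and then carries on, and nothing in the hunk says which of the two values later code should rely on. A comment on the declaration would settle that, e.g. `int bits, rbits; /* bits: size announced on the wire (untrusted); rbits: size measured from the modulus */`. `bits` is filled from `packet_get_int()`; if that returns an unsigned value (its prototype is not shown here), an announced size above INT_MAX becomes negative in the `int` and is printed that way by `%d`, so `unsigned int` with `%u` would suit the announced side better. The two blocks are identical apart from the key name and could share one small static helper. ssh_login continues outside these hunks, so whether a minimum key size is enforced further down cannot be seen from here.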