author | Damien Miller <djm@mindrot.org> | 1999-11-08 16:15:55 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-08 16:15:55 +1100 |
commit | fd7c911f090749774cf1869420523c4811beeeb0 (patch) | |
tree | cd57567ddb3371c0c805a8bd8ace0c66df02fa53 /sshconnect.c | |
parent | 5ac5f1ca6b5270e1a755d75120f8217f5850c9b2 (diff) |
Merged OpenBSD CVS changes that go away
Diffstat (limited to 'sshconnect.c')
-rw-r--r-- | sshconnect.c | 27 |
1 files changed, 21 insertions, 6 deletions
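diff --git a/sshconnect.c b/sshconnect.c
index 4222646d9..a6f3788f5 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -16,7 +16,7 @@ login (authentication) dialog.
 
 #include "config.h"
 #include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.3 1999/10/28 05:23:30 damien Exp $");
+RCSID("$Id: sshconnect.c,v 1.4 1999/11/08 05:15:55 damien Exp $");
 
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
@@ -457,7 +457,10 @@ respond_to_rsa_challenge(BIGNUM *challenge, RSA *prv)
 /* Compute the response. */
 /* The response is MD5 of decrypted challenge plus session id. */
 len = BN_num_bytes(challenge);
-assert(len <= sizeof(buf) && len);
+if (len <= 0 || len > sizeof(buf))
+packet_disconnect("respond_to_rsa_challenge: bad challenge length %d",
+len);
+
 memset(buf, 0, sizeof(buf));
 BN_bn2bin(challenge, buf + sizeof(buf) - len);
 MD5_Init(&md);
@@ -1298,8 +1301,14 @@ void ssh_login(int host_key_valid,
 if (BN_cmp(public_key->n, host_key->n) < 0)
 {
 /* Public key has smaller modulus. */
-assert(BN_num_bits(host_key->n) >=
-BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED);
+if (BN_num_bits(host_key->n) <
+BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) {
+fatal("respond_to_rsa_challenge: host_key %d < public_key %d + "
+"SSH_KEY_BITS_RESERVED %d",
+BN_num_bits(host_key->n),
+BN_num_bits(public_key->n),
+SSH_KEY_BITS_RESERVED);
+}
 
 rsa_public_encrypt(key, key, public_key);
 rsa_public_encrypt(key, key, host_key);
@@ -1307,8 +1316,14 @@ void ssh_login(int host_key_valid,
 else
 {
 /* Host key has smaller modulus (or they are equal). */
-assert(BN_num_bits(public_key->n) >=
-BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED);
+if (BN_num_bits(public_key->n) <
+BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) {
+fatal("respond_to_rsa_challenge: public_key %d < host_key %d + "
+"SSH_KEY_BITS_RESERVED %d",
+BN_num_bits(public_key->n),
+BN_num_bits(host_key->n),
+SSH_KEY_BITS_RESERVED);
+}
 
 rsa_public_encrypt(key, key, host_key);
 rsa_public_encrypt(key, key, public_key);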
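Review bot: The two new fatal() messages in the `@@ -1298` and `@@ -1307` hunks are prefixed `respond_to_rsa_challenge:`, but both hunk headers place this code in ssh_login(), so a failed key-size check will send whoever triages the log to the wrong function. The prefix looks copied from the challenge-length check added in the `@@ -457` hunk. I would change the two calls to open with `fatal("ssh_login: host_key %d < public_key %d + "` and `fatal("ssh_login: public_key %d < host_key %d + "`. The moduli being compared appear to be the ones the peer presented, so this is the message seen when a server offers unusable key sizes, and it should name the key-exchange stage rather than RSA challenge-response authentication. ssh_login() begins and ends outside these hunks.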