summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--auth2-pubkey.c4
-rw-r--r--monitor.c9
-rw-r--r--monitor_wrap.c4
3 files changed, 12 insertions, 5 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index eac79cc3d..0713a9de8 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.73 2017/12/19 00:24:34 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.74 2017/12/21 00:00:28 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -214,7 +214,7 @@ userauth_pubkey(struct ssh *ssh)
214 authenticated = 0; 214 authenticated = 0;
215 if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) && 215 if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
216 PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), 216 PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
217 sshbuf_len(b), pkalg, ssh->compat)) == 0) { 217 sshbuf_len(b), NULL, ssh->compat)) == 0) {
218 authenticated = 1; 218 authenticated = 1;
219 } 219 }
220 sshbuf_free(b); 220 sshbuf_free(b);
diff --git a/monitor.c b/monitor.c
index 5b8f0ef65..b0227eee1 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */ 1/* $OpenBSD: monitor.c,v 1.177 2017/12/21 00:00:28 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1353,6 +1353,12 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
1353 !monitor_allowed_key(blob, bloblen)) 1353 !monitor_allowed_key(blob, bloblen))
1354 fatal("%s: bad key, not previously allowed", __func__); 1354 fatal("%s: bad key, not previously allowed", __func__);
1355 1355
1356 /* Empty signature algorithm means NULL. */
1357 if (*sigalg == '\0') {
1358 free(sigalg);
1359 sigalg = NULL;
1360 }
1361
1356 /* XXX use sshkey_froms here; need to change key_blob, etc. */ 1362 /* XXX use sshkey_froms here; need to change key_blob, etc. */
1357 if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0) 1363 if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
1358 fatal("%s: bad public key blob: %s", __func__, ssh_err(r)); 1364 fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
@@ -1383,6 +1389,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
1383 free(blob); 1389 free(blob);
1384 free(signature); 1390 free(signature);
1385 free(data); 1391 free(data);
1392 free(sigalg);
1386 1393
1387 monitor_reset_key_state(); 1394 monitor_reset_key_state();
1388 1395
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 502d41687..7471e4546 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.c,v 1.96 2017/12/18 02:25:15 djm Exp $ */ 1/* $OpenBSD: monitor_wrap.c,v 1.97 2017/12/21 00:00:28 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -458,7 +458,7 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
458 buffer_put_string(&m, blob, len); 458 buffer_put_string(&m, blob, len);
459 buffer_put_string(&m, sig, siglen); 459 buffer_put_string(&m, sig, siglen);
460 buffer_put_string(&m, data, datalen); 460 buffer_put_string(&m, data, datalen);
461 buffer_put_cstring(&m, sigalg); 461 buffer_put_cstring(&m, sigalg == NULL ? "" : sigalg);
462 free(blob); 462 free(blob);
463 463
464 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); 464 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 19:14:26 +0000