-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | kexdh.c | 5 | ||||
-rw-r--r-- | kexgex.c | 5 |
3 files changed, 10 insertions, 5 deletions
@@ -48,6 +48,9 @@ | |||
48 | - markus@cvs.openbsd.org 2002/01/29 23:50:37 | 48 | - markus@cvs.openbsd.org 2002/01/29 23:50:37 |
49 | [scp.1 ssh.1] | 49 | [scp.1 ssh.1] |
50 | mention exit status; ok stevesk@ | 50 | mention exit status; ok stevesk@ |
51 | - markus@cvs.openbsd.org 2002/01/31 13:35:11 | ||
52 | [kexdh.c kexgex.c] | ||
53 | cross check announced key type and type from key blob | ||
51 | 54 | ||
52 | 20020130 | 55 | 20020130 |
53 | - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@ | 56 | - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@ |
@@ -7450,4 +7453,4 @@ | |||
7450 | - Wrote replacements for strlcpy and mkdtemp | 7453 | - Wrote replacements for strlcpy and mkdtemp |
7451 | - Released 1.0pre1 | 7454 | - Released 1.0pre1 |
7452 | 7455 | ||
7453 | $Id: ChangeLog,v 1.1812 2002/02/05 01:16:15 djm Exp $ | 7456 | $Id: ChangeLog,v 1.1813 2002/02/05 01:19:52 djm Exp $ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kexdh.c,v 1.13 2002/01/25 22:07:40 markus Exp $"); | 26 | RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
@@ -121,7 +121,8 @@ kexdh_client(Kex *kex) | |||
121 | server_host_key = key_from_blob(server_host_key_blob, sbloblen); | 121 | server_host_key = key_from_blob(server_host_key_blob, sbloblen); |
122 | if (server_host_key == NULL) | 122 | if (server_host_key == NULL) |
123 | fatal("cannot decode server_host_key_blob"); | 123 | fatal("cannot decode server_host_key_blob"); |
124 | 124 | if (server_host_key->type != kex->hostkey_type) | |
125 | fatal("type mismatch for decoded server_host_key_blob"); | ||
125 | if (kex->verify_host_key == NULL) | 126 | if (kex->verify_host_key == NULL) |
126 | fatal("cannot verify server_host_key"); | 127 | fatal("cannot verify server_host_key"); |
127 | if (kex->verify_host_key(server_host_key) == -1) | 128 | if (kex->verify_host_key(server_host_key) == -1) |
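Review bot: The new type check in kexdh_client carries no comment saying why it must run before `kex->verify_host_key(server_host_key)`, and the identical two lines added to kexgex_client in kexgex.c have the same gap. I would put `/* key type in the blob must equal the negotiated host key algorithm; reject before the verify callback sees the key */` above the `if`, so a later refactor does not move or drop the check. The reason is presumably that the callback's lookup is keyed on the negotiated type, but that is inferred, since verify_host_key's implementation is not visible here. Because the decode, NULL check and type check are now duplicated verbatim in both client functions, a small shared static helper would keep the two key-exchange paths from drifting apart. Both function bodies start and end outside the hunks shown.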
@@ -24,7 +24,7 @@ | |||
24 | */ | 24 | */ |
25 | 25 | ||
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | RCSID("$OpenBSD: kexgex.c,v 1.16 2002/01/25 22:07:40 markus Exp $"); | 27 | RCSID("$OpenBSD: kexgex.c,v 1.17 2002/01/31 13:35:11 markus Exp $"); |
28 | 28 | ||
29 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
30 | 30 | ||
@@ -176,7 +176,8 @@ kexgex_client(Kex *kex) | |||
176 | server_host_key = key_from_blob(server_host_key_blob, sbloblen); | 176 | server_host_key = key_from_blob(server_host_key_blob, sbloblen); |
177 | if (server_host_key == NULL) | 177 | if (server_host_key == NULL) |
178 | fatal("cannot decode server_host_key_blob"); | 178 | fatal("cannot decode server_host_key_blob"); |
179 | 179 | if (server_host_key->type != kex->hostkey_type) | |
180 | fatal("type mismatch for decoded server_host_key_blob"); | ||
180 | if (kex->verify_host_key == NULL) | 181 | if (kex->verify_host_key == NULL) |
181 | fatal("cannot verify server_host_key"); | 182 | fatal("cannot verify server_host_key"); |
182 | if (kex->verify_host_key(server_host_key) == -1) | 183 | if (kex->verify_host_key(server_host_key) == -1) |