Diffstat (limited to 'kexdhc.c')
-rw-r--r--kexdhc.c16
1 files changed, 2 insertions, 14 deletions
diff --git a/kexdhc.c b/kexdhc.c
index 2e26f22ea..a2af8cb08 100644
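--- a/kexdhc.c
+++ b/kexdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.28 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.29 2019/01/21 10:07:22 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  *
@@ -95,26 +95,14 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh)
  size_t slen, sbloblen, hashlen;
  int r;
 
- if (kex->verify_host_key == NULL) {
- r = SSH_ERR_INVALID_ARGUMENT;
- goto out;
- }
  /* key, cert */
  if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
  &sbloblen)) != 0 ||
  (r = sshkey_from_blob(server_host_key_blob, sbloblen,
  &server_host_key)) != 0)
  goto out;
- if (server_host_key->type != kex->hostkey_type ||
- (kex->hostkey_type == KEY_ECDSA &&
- server_host_key->ecdsa_nid != kex->hostkey_nid)) {
- r = SSH_ERR_KEY_TYPE_MISMATCH;
- goto out;
+ if ((r = kex_verify_host_key(ssh, server_host_key)) != 0)
  goto out;
- }
- if (kex->verify_host_key(server_host_key, ssh) == -1) {
- r = SSH_ERR_SIGNATURE_INVALID;
- goto out;
- }
  /* DH parameter f, server public DH key, signed H */
  if ((r = sshpkt_get_bignum2(ssh, &dh_server_pub)) != 0 ||
  (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||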
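Review bot: The single call at new line 104 now stands in for the whole host-key policy the old code spelled out, and nothing at the call site says so. The removed lines checked that a verify callback is set, that the key type (and the ECDSA curve) matches the negotiated algorithm, and that the callback accepts the key. A comment above the call would keep that visible, for example `/* key must match the negotiated hostkey type/curve and be accepted by the verify callback before the signature on H is checked */`. This assumes kex_verify_host_key, whose definition this page does not show, keeps all three checks and their distinct return codes (SSH_ERR_INVALID_ARGUMENT, SSH_ERR_KEY_TYPE_MISMATCH, SSH_ERR_SIGNATURE_INVALID), which is worth confirming there. There is also an ordering change: the NULL-callback check used to run before any packet field was read, whereas the server blob is now read and parsed by sshkey_from_blob before the helper runs. input_kex_dh begins before this hunk and continues past it.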