summaryrefslogtreecommitdiff
path: root/monitor.c
diff options
context:
space:
mode:
Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c41
1 files changed, 23 insertions, 18 deletions
diff --git a/monitor.c b/monitor.c
index cd4089398..2dee9721d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.168 2017/05/30 08:52:19 markus Exp $ */ 1/* $OpenBSD: monitor.c,v 1.169 2017/05/30 14:10:53 markus Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1330,25 +1330,25 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1330} 1330}
1331 1331
1332int 1332int
1333mm_answer_keyverify(int sock, Buffer *m) 1333mm_answer_keyverify(int sock, struct sshbuf *m)
1334{ 1334{
1335 struct sshkey *key; 1335 struct sshkey *key;
1336 u_char *signature, *data, *blob; 1336 u_char *signature, *data, *blob;
1337 u_int signaturelen, datalen, bloblen; 1337 size_t signaturelen, datalen, bloblen;
1338 int verified = 0; 1338 int r, ret, valid_data = 0, encoded_ret;
1339 int valid_data = 0;
1340 1339
1341 blob = buffer_get_string(m, &bloblen); 1340 if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
1342 signature = buffer_get_string(m, &signaturelen); 1341 (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
1343 data = buffer_get_string(m, &datalen); 1342 (r = sshbuf_get_string(m, &data, &datalen)) != 0)
1343 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1344 1344
1345 if (hostbased_cuser == NULL || hostbased_chost == NULL || 1345 if (hostbased_cuser == NULL || hostbased_chost == NULL ||
1346 !monitor_allowed_key(blob, bloblen)) 1346 !monitor_allowed_key(blob, bloblen))
1347 fatal("%s: bad key, not previously allowed", __func__); 1347 fatal("%s: bad key, not previously allowed", __func__);
1348 1348
1349 key = key_from_blob(blob, bloblen); 1349 /* XXX use sshkey_froms here; need to change key_blob, etc. */
1350 if (key == NULL) 1350 if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
1351 fatal("%s: bad public key blob", __func__); 1351 fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
1352 1352
1353 switch (key_blobtype) { 1353 switch (key_blobtype) {
1354 case MM_USERKEY: 1354 case MM_USERKEY:
@@ -1365,15 +1365,16 @@ mm_answer_keyverify(int sock, Buffer *m)
1365 if (!valid_data) 1365 if (!valid_data)
1366 fatal("%s: bad signature data blob", __func__); 1366 fatal("%s: bad signature data blob", __func__);
1367 1367
1368 verified = key_verify(key, signature, signaturelen, data, datalen); 1368 ret = sshkey_verify(key, signature, signaturelen, data, datalen,
1369 active_state->compat);
1369 debug3("%s: key %p signature %s", 1370 debug3("%s: key %p signature %s",
1370 __func__, key, (verified == 1) ? "verified" : "unverified"); 1371 __func__, key, (ret == 0) ? "verified" : "unverified");
1371 1372
1372 /* If auth was successful then record key to ensure it isn't reused */ 1373 /* If auth was successful then record key to ensure it isn't reused */
1373 if (verified == 1 && key_blobtype == MM_USERKEY) 1374 if (ret == 0 && key_blobtype == MM_USERKEY)
1374 auth2_record_userkey(authctxt, key); 1375 auth2_record_userkey(authctxt, key);
1375 else 1376 else
1376 key_free(key); 1377 sshkey_free(key);
1377 1378
1378 free(blob); 1379 free(blob);
1379 free(signature); 1380 free(signature);
@@ -1383,11 +1384,15 @@ mm_answer_keyverify(int sock, Buffer *m)
1383 1384
1384 monitor_reset_key_state(); 1385 monitor_reset_key_state();
1385 1386
1386 buffer_clear(m); 1387 sshbuf_reset(m);
1387 buffer_put_int(m, verified); 1388
1389 /* encode ret != 0 as positive integer, since we're sending u32 */
1390 encoded_ret = (ret != 0);
1391 if ((r = sshbuf_put_u32(m, encoded_ret)) != 0)
1392 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1388 mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m); 1393 mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
1389 1394
1390 return (verified == 1); 1395 return ret == 0;
1391} 1396}
1392 1397
1393static void 1398static void