From c4972d0a9bd6f898462906b4827e09b7caea2d9b Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 11 Aug 2017 04:47:12 +0000
Subject: upstream commit

refuse to a private keys when its corresponding .pub key
does not match. bz#2737 ok dtucker@

Upstream-ID: 54ff5e2db00037f9db8d61690f26ef8f16e0d913
---
 sshconnect2.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'sshconnect2.c')

diff --git a/sshconnect2.c b/sshconnect2.c
index d2de5bc96..0638818fd 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.264 2017/06/14 00:31:38 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.265 2017/08/11 04:47:12 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1037,6 +1037,11 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
 	/* load the private key from the file */
 	if ((prv = load_identity_file(id)) == NULL)
 		return SSH_ERR_KEY_NOT_FOUND;
+	if (id->key != NULL && !sshkey_equal_public(prv, id->key)) {
+		error("%s: private key %s contents do not match public",
+		   __func__, id->filename);
+		return SSH_ERR_KEY_NOT_FOUND;
+	}
 	ret = sshkey_sign(prv, sigp, lenp, data, datalen,
 	    key_sign_encode(prv), compat);
 	sshkey_free(prv);
-- 
cgit v1.2.3