version 1.28, 2019/01/21 10:03:37 |
version 1.29, 2019/01/21 10:07:22 |
|
|
size_t slen, sbloblen, hashlen; |
size_t slen, sbloblen, hashlen; |
int r; |
int r; |
|
|
if (kex->verify_host_key == NULL) { |
|
r = SSH_ERR_INVALID_ARGUMENT; |
|
goto out; |
|
} |
|
/* key, cert */ |
/* key, cert */ |
if ((r = sshpkt_get_string(ssh, &server_host_key_blob, |
if ((r = sshpkt_get_string(ssh, &server_host_key_blob, |
&sbloblen)) != 0 || |
&sbloblen)) != 0 || |
(r = sshkey_from_blob(server_host_key_blob, sbloblen, |
(r = sshkey_from_blob(server_host_key_blob, sbloblen, |
&server_host_key)) != 0) |
&server_host_key)) != 0) |
goto out; |
goto out; |
if (server_host_key->type != kex->hostkey_type || |
if ((r = kex_verify_host_key(ssh, server_host_key)) != 0) |
(kex->hostkey_type == KEY_ECDSA && |
|
server_host_key->ecdsa_nid != kex->hostkey_nid)) { |
|
r = SSH_ERR_KEY_TYPE_MISMATCH; |
|
goto out; |
goto out; |
} |
|
if (kex->verify_host_key(server_host_key, ssh) == -1) { |
|
r = SSH_ERR_SIGNATURE_INVALID; |
|
goto out; |
|
} |
|
/* DH parameter f, server public DH key, signed H */ |
/* DH parameter f, server public DH key, signed H */ |
if ((r = sshpkt_get_bignum2(ssh, &dh_server_pub)) != 0 || |
if ((r = sshpkt_get_bignum2(ssh, &dh_server_pub)) != 0 || |
(r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || |
(r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || |