| version 1.308, 2017/12/18 02:25:15 |
version 1.309, 2017/12/18 23:16:23 |
|
|
| struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; |
struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; |
| size_t i, ndone; |
size_t i, ndone; |
| struct sshbuf *signdata; |
struct sshbuf *signdata; |
| int r; |
int r, kexsigtype, use_kexsigtype; |
| const u_char *sig; |
const u_char *sig; |
| size_t siglen; |
size_t siglen; |
| |
|
|
|
| hostkeys_update_ctx_free(ctx); |
hostkeys_update_ctx_free(ctx); |
| return; |
return; |
| } |
} |
| |
kexsigtype = sshkey_type_plain( |
| |
sshkey_type_from_name(ssh->kex->hostkey_alg)); |
| |
|
| if ((signdata = sshbuf_new()) == NULL) |
if ((signdata = sshbuf_new()) == NULL) |
| fatal("%s: sshbuf_new failed", __func__); |
fatal("%s: sshbuf_new failed", __func__); |
| /* Don't want to accidentally accept an unbound signature */ |
/* Don't want to accidentally accept an unbound signature */ |
|
|
| __func__, ssh_err(r)); |
__func__, ssh_err(r)); |
| goto out; |
goto out; |
| } |
} |
| |
/* |
| |
* For RSA keys, prefer to use the signature type negotiated |
| |
* during KEX to the default (SHA1). |
| |
*/ |
| |
use_kexsigtype = kexsigtype == KEY_RSA && |
| |
sshkey_type_plain(ctx->keys[i]->type) == KEY_RSA; |
| if ((r = sshkey_verify(ctx->keys[i], sig, siglen, |
if ((r = sshkey_verify(ctx->keys[i], sig, siglen, |
| sshbuf_ptr(signdata), sshbuf_len(signdata), |
sshbuf_ptr(signdata), sshbuf_len(signdata), |
| ssh->kex->hostkey_alg, 0)) != 0) { |
use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0)) != 0) { |
| error("%s: server gave bad signature for %s key %zu", |
error("%s: server gave bad signature for %s key %zu", |
| __func__, sshkey_type(ctx->keys[i]), i); |
__func__, sshkey_type(ctx->keys[i]), i); |
| goto out; |
goto out; |
![[BACK]](/icons/back.gif){kind=icon}
Return to clientloop.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh