version 1.227, 2021/07/02 05:11:20 |
version 1.228, 2021/08/11 05:20:17 |
|
|
} else |
} else |
fatal_f("no hostkey from index %d", keyid); |
fatal_f("no hostkey from index %d", keyid); |
|
|
debug3_f("%s signature %p(%zu)", is_proof ? "hostkey proof" : "KEX", |
debug3_f("%s %s signature len=%zu", alg, |
signature, siglen); |
is_proof ? "hostkey proof" : "KEX", siglen); |
|
|
sshbuf_reset(m); |
sshbuf_reset(m); |
if ((r = sshbuf_put_string(m, signature, siglen)) != 0) |
if ((r = sshbuf_put_string(m, signature, siglen)) != 0) |
|
|
(r = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0) |
(r = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0) |
fatal_fr(r, "parse"); |
fatal_fr(r, "parse"); |
|
|
debug3_f("key_from_blob: %p", key); |
|
|
|
if (key != NULL && authctxt->valid) { |
if (key != NULL && authctxt->valid) { |
/* These should not make it past the privsep child */ |
/* These should not make it past the privsep child */ |
if (sshkey_type_plain(key->type) == KEY_RSA && |
if (sshkey_type_plain(key->type) == KEY_RSA && |
|
|
|
|
ret = sshkey_verify(key, signature, signaturelen, data, datalen, |
ret = sshkey_verify(key, signature, signaturelen, data, datalen, |
sigalg, ssh->compat, &sig_details); |
sigalg, ssh->compat, &sig_details); |
debug3_f("%s %p signature %s%s%s", auth_method, key, |
debug3_f("%s %s signature %s%s%s", auth_method, sshkey_type(key), |
(ret == 0) ? "verified" : "unverified", |
(ret == 0) ? "verified" : "unverified", |
(ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : ""); |
(ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : ""); |
|
|