===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-rsa.c,v
retrieving revision 1.6.2.5
retrieving revision 1.6.2.6
diff -u -r1.6.2.5 -r1.6.2.6
--- src/usr.bin/ssh/ssh-rsa.c	2001/09/27 00:15:42	1.6.2.5
+++ src/usr.bin/ssh/ssh-rsa.c	2001/11/15 22:50:30	1.6.2.6
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.6.2.5 2001/09/27 00:15:42 miod Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.6.2.6 2001/11/15 22:50:30 miod Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -54,6 +54,10 @@
 		error("ssh_rsa_sign: no RSA key");
 		return -1;
 	}
+	if (datafellows & SSH_BUG_SIGBLOB) {
+		error("ssh_rsa_sign: SSH_BUG_SIGBLOB not supported");
+		return -1;
+	}
 	nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
 	if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 		error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid);
@@ -124,6 +128,10 @@
 		error("ssh_rsa_verify: no RSA key");
 		return -1;
 	}
+	if (datafellows & SSH_BUG_SIGBLOB) {
+		error("ssh_rsa_verify: SSH_BUG_SIGBLOB not supported");
+		return -1;
+	}
 	if (BN_num_bits(key->rsa->n) < 768) {
 		error("ssh_rsa_verify: n too small: %d bits",
 		    BN_num_bits(key->rsa->n));
@@ -143,14 +151,14 @@
 	rlen = buffer_len(&b);
 	buffer_free(&b);
 	if(rlen != 0) {
-		xfree(sigblob);
 		error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
+		xfree(sigblob);
 		return -1;
 	}
 	nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
 	if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
-		xfree(sigblob);
 		error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
+		xfree(sigblob);
 		return -1;
 	}
 	dlen = evp_md->md_size;