- djm@cvs.openbsd.org 2009/02/12 03:26:22

[monitor.c] some paranoia: check that the serialised key is really KEY_RSA before diddling its internals
author: Damien Miller <djm@mindrot.org> 2009-02-14 16:33:31 +1100
committer: Damien Miller <djm@mindrot.org> 2009-02-14 16:33:31 +1100
commit: 923e8bb7dc921b3136320f126976bfeee11c9e41 (patch)
tree: b6ee668c45a15c12372e84fa912fe11df7267fe7 /monitor.c
parent: 330d58587f05fd34f3b1d20a64d254ea0470a6cc (diff)
download: openssh-git-923e8bb7dc921b3136320f126976bfeee11c9e41.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/monitor.c b/monitor.c
index 39deedc8..f57e74ba 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.100 2008/11/04 08:22:13 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1500,7 +1500,9 @@ mm_answer_rsa_challenge(int sock, Buffer *m)
 		fatal("%s: key type mismatch", __func__);
 	if ((key = key_from_blob(blob, blen)) == NULL)
 		fatal("%s: received bad key", __func__);
-
+	if (key->type != KEY_RSA)
+		fatal("%s: received bad key type %d", __func__, key->type);
+	key->type = KEY_RSA1;
 	if (ssh1_challenge)
 		BN_clear_free(ssh1_challenge);
 	ssh1_challenge = auth_rsa_generate_challenge(key);
author	Damien Miller <djm@mindrot.org>	2009-02-14 16:33:31 +1100
committer	Damien Miller <djm@mindrot.org>	2009-02-14 16:33:31 +1100
commit	923e8bb7dc921b3136320f126976bfeee11c9e41 (patch)
tree	b6ee668c45a15c12372e84fa912fe11df7267fe7 /monitor.c
parent	330d58587f05fd34f3b1d20a64d254ea0470a6cc (diff)
download	openssh-git-923e8bb7dc921b3136320f126976bfeee11c9e41.tar.gz