- markus@cvs.openbsd.org 2002/01/29 23:50:37
[scp.1 ssh.1]
mention exit status; ok stevesk@
+ - markus@cvs.openbsd.org 2002/01/31 13:35:11
+ [kexdh.c kexgex.c]
+ cross check announced key type and type from key blob
20020130
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
*/
#include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.13 2002/01/25 22:07:40 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $");
#include <openssl/crypto.h>
#include <openssl/bn.h>
server_host_key = key_from_blob(server_host_key_blob, sbloblen);
if (server_host_key == NULL)
fatal("cannot decode server_host_key_blob");
-
+ if (server_host_key->type != kex->hostkey_type)
+ fatal("type mismatch for decoded server_host_key_blob");
if (kex->verify_host_key == NULL)
fatal("cannot verify server_host_key");
if (kex->verify_host_key(server_host_key) == -1)
*/
#include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.16 2002/01/25 22:07:40 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.17 2002/01/31 13:35:11 markus Exp $");
#include <openssl/bn.h>
server_host_key = key_from_blob(server_host_key_blob, sbloblen);
if (server_host_key == NULL)
fatal("cannot decode server_host_key_blob");
-
+ if (server_host_key->type != kex->hostkey_type)
+ fatal("type mismatch for decoded server_host_key_blob");
if (kex->verify_host_key == NULL)
fatal("cannot verify server_host_key");
if (kex->verify_host_key(server_host_key) == -1)
andersk / openssh.git / commitdiff
