[monitor.c]
some paranoia: check that the serialised key is really KEY_RSA before
diddling its internals
[serverloop.c]
tighten check for -R0:... forwarding: only allow dynamic allocation
if want_reply is set in the packet
[serverloop.c]
tighten check for -R0:... forwarding: only allow dynamic allocation
if want_reply is set in the packet
+ - djm@cvs.openbsd.org 2009/02/12 03:26:22
+ [monitor.c]
+ some paranoia: check that the serialised key is really KEY_RSA before
+ diddling its internals
20090212
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
20090212
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
-/* $OpenBSD: monitor.c,v 1.100 2008/11/04 08:22:13 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
fatal("%s: key type mismatch", __func__);
if ((key = key_from_blob(blob, blen)) == NULL)
fatal("%s: received bad key", __func__);
fatal("%s: key type mismatch", __func__);
if ((key = key_from_blob(blob, blen)) == NULL)
fatal("%s: received bad key", __func__);
+ if (key->type != KEY_RSA)
+ fatal("%s: received bad key type %d", __func__, key->type);
+ key->type = KEY_RSA1;
if (ssh1_challenge)
BN_clear_free(ssh1_challenge);
ssh1_challenge = auth_rsa_generate_challenge(key);
if (ssh1_challenge)
BN_clear_free(ssh1_challenge);
ssh1_challenge = auth_rsa_generate_challenge(key);