upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
diff --git a/kexdhc.c b/kexdhc.c
index 9864ee2..5e1a353 100644
--- a/kexdhc.c
+++ b/kexdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.20 2017/05/30 14:23:52 markus Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.21 2017/12/18 02:25:15 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@@ -183,7 +183,7 @@
goto out;
if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
- ssh->compat)) != 0)
+ kex->hostkey_alg, ssh->compat)) != 0)
goto out;
/* save session id */