upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
diff --git a/monitor.c b/monitor.c
index a0ad985..5b8f0ef 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.175 2017/10/05 15:52:03 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1339,12 +1339,14 @@
{
struct sshkey *key;
u_char *signature, *data, *blob;
+ char *sigalg;
size_t signaturelen, datalen, bloblen;
int r, ret, valid_data = 0, encoded_ret;
if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
(r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
- (r = sshbuf_get_string(m, &data, &datalen)) != 0)
+ (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
+ (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
@@ -1373,7 +1375,7 @@
fatal("%s: bad signature data blob", __func__);
ret = sshkey_verify(key, signature, signaturelen, data, datalen,
- active_state->compat);
+ sigalg, active_state->compat);
debug3("%s: %s %p signature %s", __func__, auth_method, key,
(ret == 0) ? "verified" : "unverified");
auth2_record_key(authctxt, ret == 0, key);