- markus@cvs.openbsd.org 2002/06/08 05:07:09

[ssh-keysign.c] only accept 20 byte session ids
author: Ben Lindstrom <mouring@eviladmin.org> 2002-06-09 22:01:48 +0200
committer: Ben Lindstrom <mouring@eviladmin.org> 2002-06-09 22:01:48 +0200
commit: a20715788dc44ed629e4320d7e9af4e285a559ab (patch)
tree: 6ec4f8446e2fee15891f9e3fd32e69a63ec96590 /ssh-keysign.c
parent: - markus@cvs.openbsd.org 2002/06/08 05:07:56 (diff)
download: openssh-a20715788dc44ed629e4320d7e9af4e285a559ab.tar.xz
openssh-a20715788dc44ed629e4320d7e9af4e285a559ab.zip
1 files changed, 7 insertions, 3 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 78929b2e0..520927829 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keysign.c,v 1.2 2002/05/31 10:30:33 markus Exp $");
+RCSID("$OpenBSD: ssh-keysign.c,v 1.3 2002/06/08 05:07:09 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -60,8 +60,12 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
 	buffer_init(&b);
 	buffer_append(&b, data, datalen);
  
-	/* session id */
-	buffer_skip_string(&b);
+	/* session id, currently limited to SHA1 (20 bytes) */
+	p = buffer_get_string(&b, &len);
+	if (len != 20)
+		fail++;
+	xfree(p);
+
 	if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
 		fail++;
author	Ben Lindstrom <mouring@eviladmin.org>	2002-06-09 22:01:48 +0200
committer	Ben Lindstrom <mouring@eviladmin.org>	2002-06-09 22:01:48 +0200
commit	a20715788dc44ed629e4320d7e9af4e285a559ab (patch)
tree	6ec4f8446e2fee15891f9e3fd32e69a63ec96590 /ssh-keysign.c
parent	- markus@cvs.openbsd.org 2002/06/08 05:07:56 (diff)
download	openssh-a20715788dc44ed629e4320d7e9af4e285a559ab.tar.xz openssh-a20715788dc44ed629e4320d7e9af4e285a559ab.zip