62 lines
1.8 KiB
Diff
62 lines
1.8 KiB
Diff
|
# HG changeset patch
|
||
|
# Parent c487e15d91bc5cdfb0aedcf4d3c7fe4d0f309a73
|
||
|
|
||
|
diff --git a/openssh-6.6p1/auth-rsa.c b/openssh-6.6p1/auth-rsa.c
|
||
|
--- a/openssh-6.6p1/auth-rsa.c
|
||
|
+++ b/openssh-6.6p1/auth-rsa.c
|
||
|
@@ -94,16 +94,20 @@ int
|
||
|
auth_rsa_verify_response(Key *key, BIGNUM *challenge,
|
||
|
u_char response[SSH_DIGEST_MAX_LENGTH])
|
||
|
{
|
||
|
u_char buf[2 * SSH_DIGEST_MAX_LENGTH], mdbuf[SSH_DIGEST_MAX_LENGTH];
|
||
|
struct ssh_digest_ctx *md;
|
||
|
int len;
|
||
|
int dgst;
|
||
|
size_t dgst_len;
|
||
|
+ int rv;
|
||
|
+#ifdef SSH_AUDIT_EVENTS
|
||
|
+ char *fp;
|
||
|
+#endif
|
||
|
|
||
|
/* don't allow short keys */
|
||
|
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
|
||
|
error("%s: RSA modulus too small: %d < minimum %d bits",
|
||
|
__func__,
|
||
|
BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
|
||
|
return (0);
|
||
|
}
|
||
|
@@ -121,22 +125,28 @@ auth_rsa_verify_response(Key *key, BIGNU
|
||
|
if ((md = ssh_digest_start(dgst)) == NULL ||
|
||
|
ssh_digest_update(md, buf, 2 * dgst_len) < 0 ||
|
||
|
ssh_digest_update(md, session_id, dgst_len) < 0 ||
|
||
|
ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
|
||
|
fatal("%s: md5 failed", __func__);
|
||
|
ssh_digest_free(md);
|
||
|
|
||
|
/* Verify that the response is the original challenge. */
|
||
|
- if (timingsafe_bcmp(response, mdbuf, dgst_len) != 0) {
|
||
|
- /* Wrong answer. */
|
||
|
- return (0);
|
||
|
+ rv = timingsafe_bcmp(response, mdbuf, dgst_len) == 0;
|
||
|
+
|
||
|
+#ifdef SSH_AUDIT_EVENTS
|
||
|
+ fp = key_fingerprint(key, key_fp_type_select(), SSH_FP_HEX);
|
||
|
+ if (audit_keyusage(1, "ssh-rsa1", RSA_size(key->rsa) * 8, fp, rv) == 0) {
|
||
|
+ debug("unsuccessful audit");
|
||
|
+ rv = 0;
|
||
|
}
|
||
|
- /* Correct answer. */
|
||
|
- return (1);
|
||
|
+ free(fp);
|
||
|
+#endif
|
||
|
+
|
||
|
+ return rv;
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
* Performs the RSA authentication challenge-response dialog with the client,
|
||
|
* and returns true (non-zero) if the client gave the correct answer to
|
||
|
* our challenge; returns zero if the client gives a wrong answer.
|
||
|
*/
|
||
|
|