mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-25 11:22:10 +00:00
- markus@cvs.openbsd.org 2006/11/07 10:31:31
[monitor.c version.h] correctly check for bad signatures in the monitor, otherwise the monitor and the unpriv process can get out of sync. with dtucker@, ok djm@, dtucker@
This commit is contained in:
parent
0bc85579a9
commit
fbba735aa3
@ -6,6 +6,11 @@
|
||||
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
|
||||
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
|
||||
add missing checks for openssl return codes; with & ok djm@
|
||||
- markus@cvs.openbsd.org 2006/11/07 10:31:31
|
||||
[monitor.c version.h]
|
||||
correctly check for bad signatures in the monitor, otherwise the monitor
|
||||
and the unpriv process can get out of sync. with dtucker@, ok djm@,
|
||||
dtucker@
|
||||
|
||||
20061105
|
||||
- (djm) OpenBSD CVS Sync
|
||||
@ -2597,4 +2602,4 @@
|
||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||
|
||||
$Id: ChangeLog,v 1.4585 2006/11/07 12:14:41 dtucker Exp $
|
||||
$Id: ChangeLog,v 1.4586 2006/11/07 12:16:08 dtucker Exp $
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
|
||||
/* $OpenBSD: monitor.c,v 1.89 2006/11/07 10:31:31 markus Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||
@ -350,7 +350,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
|
||||
/* The first few requests do not require asynchronous access */
|
||||
while (!authenticated) {
|
||||
auth_method = "unknown";
|
||||
authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
|
||||
authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
|
||||
if (authenticated) {
|
||||
if (!(ent->flags & MON_AUTHDECIDE))
|
||||
fatal("%s: unexpected authentication from %d",
|
||||
@ -1217,7 +1217,7 @@ mm_answer_keyverify(int sock, Buffer *m)
|
||||
|
||||
verified = key_verify(key, signature, signaturelen, data, datalen);
|
||||
debug3("%s: key %p signature %s",
|
||||
__func__, key, verified ? "verified" : "unverified");
|
||||
__func__, key, (verified == 1) ? "verified" : "unverified");
|
||||
|
||||
key_free(key);
|
||||
xfree(blob);
|
||||
@ -1232,7 +1232,7 @@ mm_answer_keyverify(int sock, Buffer *m)
|
||||
buffer_put_int(m, verified);
|
||||
mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
|
||||
|
||||
return (verified);
|
||||
return (verified == 1);
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* $OpenBSD: version.h,v 1.47 2006/08/30 00:14:37 djm Exp $ */
|
||||
/* $OpenBSD: version.h,v 1.48 2006/11/07 10:31:31 markus Exp $ */
|
||||
|
||||
#define SSH_VERSION "OpenSSH_4.4"
|
||||
#define SSH_VERSION "OpenSSH_4.5"
|
||||
|
||||
#define SSH_PORTABLE "p1"
|
||||
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
|
||||
|
Loading…
Reference in New Issue
Block a user