This also means that FUZZING can just ignore host-key verification
failure while preserving invalid-host-key errors.
dmemdump(s->exchange_hash, ssh->kex->hash->hlen);
#endif
- if (!s->hkey ||
- !ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
+ if (!s->hkey) {
+ bombout(("Server's host key is invalid"));
+ crStopV;
+ }
+
+ if (!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
(char *)s->exchange_hash,
ssh->kex->hash->hlen)) {
#ifndef FUZZING
bombout(("Server's host key did not match the signature supplied"));
- crStopV;
+ crStopV;f
#endif
}