]> asedeno.scripts.mit.edu Git - PuTTY.git/commitdiff
projects / PuTTY.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12702cb)
Emit a distinct error message when the SSH server's host key is invalid.
authorBen Harris <bjh21@bjh21.me.uk>
Sun, 18 Oct 2015 19:16:39 +0000 (20:16 +0100)
committerBen Harris <bjh21@bjh21.me.uk>
Wed, 28 Oct 2015 22:08:59 +0000 (22:08 +0000)
This also means that FUZZING can just ignore host-key verification
failure while preserving invalid-host-key errors.

ssh.c patch | blob | history

diff --git a/ssh.c b/ssh.c
index 288616fd901c6756bac358f98e5618220ed9f283..de8259ed1db41662ad1e38c8004df691c17ea219 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -7126,13 +7126,17 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
     dmemdump(s->exchange_hash, ssh->kex->hash->hlen);
 #endif
 
-    if (!s->hkey ||
-       !ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
+    if (!s->hkey) {
+       bombout(("Server's host key is invalid"));
+       crStopV;
+    }
+
+    if (!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
                                 (char *)s->exchange_hash,
                                 ssh->kex->hash->hlen)) {
 #ifndef FUZZING
        bombout(("Server's host key did not match the signature supplied"));
-       crStopV;
+       crStopV;
 #endif
     }
 
local copy of git://git.tartarus.org/simon/putty.git