[Bug 3675] CASignatureAlgorithms should be verified before verifying signatures
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Apr 4 05:49:55 AEDT 2024
https://bugzilla.mindrot.org/show_bug.cgi?id=3675
--- Comment #4 from Andres Freund <andres at anarazel.de> ---
> On the one hand it feels a bit like trying to fight the last battle, but on the other it is a meaningful attack surface reduction.
Agreed on both points.
Thanks for the quick writing of the patch!
I don't know the openssh codebase well, so my ability to provide review
is limited.
I think there might still be one path "unprotected" after this.
userauth_hostbased() uses sshkey_from_blob() and
a) checks options.hostbased_accepted_algos afterwards
b) uses sshkey_from_blob(), not sshkey_from_blob_expect_type(), with a
subsequent check of the certificate type
Another thing I noticed is that it might end up being a bit harder to
debug some of the error paths after the change, due to going from
specific error messages to more generic error codes. OTOH, it seems
unlikely that these paths are encountered outside of attacks.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list