[openssh-commits] [openssh] 07/10: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 966ef478339ad5e631fb684d2a8effe846ce3fd4
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Mon Dec 18 23:14:34 2017 +0000

    upstream commit
    
    log mismatched RSA signature types; ok markus@
    
    OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418
---
 ssh-rsa.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ssh-rsa.c b/ssh-rsa.c
index 9b4de8e8..592822ae 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.63 2017/12/18 02:25:15 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.64 2017/12/18 23:14:34 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus at openbsd.org>
  *
@@ -33,6 +33,7 @@
 #define SSHKEY_INTERNAL
 #include "sshkey.h"
 #include "digest.h"
+#include "log.h"
 
 static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *);
 
@@ -223,6 +224,8 @@ ssh_rsa_verify(const struct sshkey *key,
 	/* XXX djm: need cert types that reliably yield SHA-2 signatures */
 	if (alg != NULL && strcmp(alg, sigtype) != 0 &&
 	    strcmp(alg, "ssh-rsa-cert-v01 at openssh.com") != 0) {
+		error("%s: RSA signature type mismatch: "
+		    "expected %s received %s", __func__, alg, sigtype);
 		ret = SSH_ERR_SIGNATURE_INVALID;
 		goto out;
 	}

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.