upstream commit
authordjm@openbsd.org <djm@openbsd.org>
Wed, 15 Mar 2017 02:19:09 +0000 (02:19 +0000)
committerDamien Miller <djm@mindrot.org>
Wed, 15 Mar 2017 02:34:20 +0000 (13:34 +1100)
Fix segfault when sshd attempts to load RSA1 keys (can
only happen when protocol v.1 support is enabled for the client). Reported by
Jakub Jelen in bz#2686; ok dtucker

Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7

sshd.c

diff --git a/sshd.c b/sshd.c
index df694fe3d4c763657953bd34048bfe068c08b797..0b544f9f0d458752e40dd207db26465214cd3066 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.483 2017/02/24 03:16:34 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.484 2017/03/15 02:19:09 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1675,6 +1675,15 @@ main(int ac, char **av)
                        continue;
                key = key_load_private(options.host_key_files[i], "", NULL);
                pubkey = key_load_public(options.host_key_files[i], NULL);
+
+               if ((pubkey != NULL && pubkey->type == KEY_RSA1) ||
+                   (key != NULL && key->type == KEY_RSA1)) {
+                       verbose("Ignoring RSA1 key %s",
+                           options.host_key_files[i])
+                       key_free(key);
+                       key_free(pubkey);
+                       continue;
+               }
                if (pubkey == NULL && key != NULL)
                        pubkey = key_demote(key);
                sensitive_data.host_keys[i] = key;
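Review bot: The added `verbose("Ignoring RSA1 key %s", options.host_key_files[i])` call has no terminating semicolon as shown, so the statement runs into `key_free(key);` and the file will not compile; the second line of the call should read `options.host_key_files[i]);`. The skip is logged only at verbose level, so an administrator whose configured host key is dropped here may see nothing at the default log level; `logit()` would make the ignored key visible. The `continue` also leaves `sensitive_data.host_keys[i]` (and presumably the matching public-key slot) unassigned for this index, which is safe only if those arrays are cleared before the loop. That initialisation is outside the hunk, as is the rest of `main`, so it should be confirmed against the full file.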