Jeff Bailey <[EMAIL PROTECTED]> writes:
> I've beaten lshd into submission on gnudist, and was just taking a moment
> to test with OpenSSH.
>
> What's interesting is that on gnudist I only have my DSA key for lsh
> loaded in, I just wanted to see what would happen with OpenSSH, so I
> tried connecting at it asked me for the key to decrypt my DSA key. When
> I typed in the password for decryption, the server segfaulted.
Ooops. Try the patch below.
Thanks!
/Niels
diff -u -r1.14 -r1.15
--- server_publickey.c 2000/05/06 11:17:40 1.14
+++ server_publickey.c 2000/07/31 11:35:48 1.15
@@ -33,6 +33,8 @@
#include "lookup_verifier.h"
#include "publickey_crypto.h"
+#include <assert.h>
+
#include "server_publickey.c.x"
/* GABA:
@@ -119,33 +121,32 @@
v = LOOKUP_VERIFIER(lookup, algorithm, user, keyblob);
+ if (!v)
+ {
+ static const struct exception unauthorized_key
+ = STATIC_EXCEPTION(EXC_USERAUTH,
+ "Unauthorized public key.");
+
+ EXCEPTION_RAISE(e, &unauthorized_key);
+ goto fail;
+ }
+
if (!check_key)
{
- lsh_string_free(username);
- if (v)
- {
- struct lsh_string *reply = format_userauth_pk_ok(algorithm, keyblob);
- lsh_string_free(keyblob);
-
- EXCEPTION_RAISE(e, make_userauth_special_exception(reply, NULL));
- }
- else
- {
- static const struct exception unauthorized_key
- = STATIC_EXCEPTION(EXC_USERAUTH,
- "Unauthorized public key.");
-
- lsh_string_free(keyblob);
- EXCEPTION_RAISE(e, &unauthorized_key);
- }
- return;
+ assert(v);
+ EXCEPTION_RAISE(e, make_userauth_special_exception
+ (format_userauth_pk_ok(algorithm, keyblob),
+ NULL));
+ goto fail;
}
else
{
struct lsh_string *signed_data;
+ assert(v);
+
#if DATAFELLOWS_WORKAROUNDS
- if ( v && (algorithm == ATOM_SSH_DSS)
+ if ( (algorithm == ATOM_SSH_DSS)
&& (connection->peer_flags & PEER_SSH_DSS_KLUDGE))
v = make_dsa_verifier_kludge(v);
