mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 09:58:01 +00:00
Work around DSA formatting bug in commercial-SSH 2.0.13
[originally from svn r665]
This commit is contained in:
parent
e9caa5e3b6
commit
01ca2d8077
13
sshdss.c
13
sshdss.c
@ -161,11 +161,24 @@ static int dss_verifysig(char *sig, int siglen, char *data, int datalen) {
|
|||||||
if (!dss_p)
|
if (!dss_p)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Commercial SSH (2.0.13) and OpenSSH disagree over the format
|
||||||
|
* of a DSA signature. OpenSSH is in line with the IETF drafts:
|
||||||
|
* it uses a string "ssh-dss", followed by a 40-byte string
|
||||||
|
* containing two 160-bit integers end-to-end. Commercial SSH
|
||||||
|
* can't be bothered with the header bit, and considers a DSA
|
||||||
|
* signature blob to be _just_ the 40-byte string containing
|
||||||
|
* the two 160-bit integers. We tell them apart by measuring
|
||||||
|
* the length: length 40 means the commercial-SSH bug, anything
|
||||||
|
* else is assumed to be IETF-compliant.
|
||||||
|
*/
|
||||||
|
if (siglen != 40) { /* bug not present; read admin fields */
|
||||||
getstring(&sig, &siglen, &p, &slen);
|
getstring(&sig, &siglen, &p, &slen);
|
||||||
if (!p || memcmp(p, "ssh-dss", 7)) {
|
if (!p || memcmp(p, "ssh-dss", 7)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
sig += 4, siglen -= 4; /* skip yet another length field */
|
sig += 4, siglen -= 4; /* skip yet another length field */
|
||||||
|
}
|
||||||
r = get160(&sig, &siglen);
|
r = get160(&sig, &siglen);
|
||||||
s = get160(&sig, &siglen);
|
s = get160(&sig, &siglen);
|
||||||
if (!r || !s)
|
if (!r || !s)
|
||||||
|
Loading…
Reference in New Issue
Block a user