diff options
author | des <des@FreeBSD.org> | 2010-11-11 11:46:19 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2010-11-11 11:46:19 +0000 |
commit | 59d1af232220700389c3543e93e1b1f2e2619919 (patch) | |
tree | 6eb7398d6e807c1a0d65a65c3e0dc92c453bb592 /crypto/openssh/auth-rsa.c | |
parent | ac0984a6533794998189315ced48d83ce881917d (diff) | |
parent | a074372f88279f4eaaed8ab05de3f3fda1fac4eb (diff) | |
download | FreeBSD-src-59d1af232220700389c3543e93e1b1f2e2619919.zip FreeBSD-src-59d1af232220700389c3543e93e1b1f2e2619919.tar.gz |
Upgrade to OpenSSH 5.6p1.
Diffstat (limited to 'crypto/openssh/auth-rsa.c')
-rw-r--r-- | crypto/openssh/auth-rsa.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c index 65571a8..56702d1 100644 --- a/crypto/openssh/auth-rsa.c +++ b/crypto/openssh/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.74 2010/03/04 10:36:03 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.78 2010/07/13 23:13:16 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -34,11 +34,11 @@ #include "uidswap.h" #include "match.h" #include "buffer.h" -#include "auth-options.h" #include "pathnames.h" #include "log.h" #include "servconf.h" #include "key.h" +#include "auth-options.h" #include "hostfile.h" #include "auth.h" #ifdef GSSAPI @@ -116,7 +116,7 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) MD5_Final(mdbuf, &md); /* Verify that the response is the original challenge. */ - if (memcmp(response, mdbuf, 16) != 0) { + if (timingsafe_bcmp(response, mdbuf, 16) != 0) { /* Wrong answer. */ return (0); } @@ -256,7 +256,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) */ if (!auth_parse_options(pw, key_options, file, linenum)) continue; - + if (key_is_cert_authority) + continue; /* break out, this key is allowed */ allowed = 1; break; |