diff options
author | des <des@FreeBSD.org> | 2014-01-31 13:12:02 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2014-01-31 13:12:02 +0000 |
commit | 7573e91b127f1c198210fd345d3ca198b598cfc6 (patch) | |
tree | d32fb61cec38c52314210c3459fd436685dacdba /crypto/openssh/auth2-hostbased.c | |
parent | c692973c992c321bb10e631f572fab1500ae5b0e (diff) | |
parent | 45d0197dd79eceffb5bbc29f75199eb09af5a5f9 (diff) | |
download | FreeBSD-src-7573e91b127f1c198210fd345d3ca198b598cfc6.zip FreeBSD-src-7573e91b127f1c198210fd345d3ca198b598cfc6.tar.gz |
Upgrade to OpenSSH 6.5p1.
Diffstat (limited to 'crypto/openssh/auth2-hostbased.c')
-rw-r--r-- | crypto/openssh/auth2-hostbased.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/crypto/openssh/auth2-hostbased.c b/crypto/openssh/auth2-hostbased.c index a344dcc..488008f 100644 --- a/crypto/openssh/auth2-hostbased.c +++ b/crypto/openssh/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.16 2013/06/21 00:34:49 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.17 2013/12/30 23:52:27 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -100,6 +100,12 @@ userauth_hostbased(Authctxt *authctxt) "(received %d, expected %d)", key->type, pktype); goto done; } + if (key_type_plain(key->type) == KEY_RSA && + (datafellows & SSH_BUG_RSASIGMD5) != 0) { + error("Refusing RSA key because peer uses unsafe " + "signature format"); + goto done; + } service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; buffer_init(&b); |