ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-03-03 18:52:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix pubkey auth after change to reuse ses.readbuf as ses.payload

Browse Source 
(4d7b4c5526c5)

--HG--
branch : nocircbuffer
This commit is contained in:
Matt Johnston 2015-03-01 23:02:06 +08:00
parent f367273549
commit f782cf375a
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
session.h
View File

@ -126,7 +126,10 @@ struct sshsession {
buffer with the packet to send. */ buffer with the packet to send. */
struct Queue writequeue; /* A queue of encrypted packets to send */ struct Queue writequeue; /* A queue of encrypted packets to send */
buffer *readbuf; /* From the wire, decrypted in-place */ buffer *readbuf; /* From the wire, decrypted in-place */
buffer *payload; /* Post-decompression, the actual SSH packet */ buffer *payload; /* Post-decompression, the actual SSH packet.
May have extra data at the beginning, will be
passed to packet processing functions positioned past
that, see payload_beginning */
unsigned int payload_beginning; unsigned int payload_beginning;
unsigned int transseq, recvseq; /* Sequence IDs */ unsigned int transseq, recvseq; /* Sequence IDs */

12
svr-authpubkey.c
View File

@ -86,6 +86,7 @@ void svr_auth_pubkey() {
unsigned int algolen; unsigned int algolen;
unsigned char* keyblob = NULL; unsigned char* keyblob = NULL;
unsigned int keybloblen; unsigned int keybloblen;
unsigned int sign_payload_length;
buffer * signbuf = NULL; buffer * signbuf = NULL;
sign_key * key = NULL; sign_key * key = NULL;
char* fp = NULL; char* fp = NULL;
@ -125,9 +126,18 @@ void svr_auth_pubkey() {
/* create the data which has been signed - this a string containing /* create the data which has been signed - this a string containing
* session_id, concatenated with the payload packet up to the signature */ * session_id, concatenated with the payload packet up to the signature */
assert(ses.payload_beginning <= ses.payload->pos);
sign_payload_length = ses.payload->pos - ses.payload_beginning;
signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len); signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len);
buf_putbufstring(signbuf, ses.session_id); buf_putbufstring(signbuf, ses.session_id);
buf_putbytes(signbuf, ses.payload->data, ses.payload->pos);
/* The entire contents of the payload prior. */
buf_setpos(ses.payload, ses.payload_beginning);
buf_putbytes(signbuf,
buf_getptr(ses.payload, sign_payload_length),
sign_payload_length);
buf_incrpos(ses.payload, sign_payload_length);
buf_setpos(signbuf, 0); buf_setpos(signbuf, 0);
/* ... and finally verify the signature */ /* ... and finally verify the signature */